The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets.drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a DCCP packet that triggers a call to the dccp_new, dccp_packet, or dccp_error function.The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service via unspecified vectors.