The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: debian
Published: 2015-01-02T21:00:00
Updated: 2024-08-06T13:47:40.368Z
Reserved: 2014-12-31T00:00:00
Link: CVE-2014-9428
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-01-02T21:59:00.063
Modified: 2023-11-07T02:23:05.363
Link: CVE-2014-9428
Redhat