PT-2014-7839 · Linux · Linux Kernel

Published: 2014-11-10 · Updated: 2014-12-24 · CVE-2014-7207

CVSS v2.0: 4.9 (Medium)
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 3.2.x through 3.2.63

Description

The issue is in a Debian patch to the IPv6 implementation of the Linux kernel: calls to the ipv6_select_ident function do not properly validate their arguments. Local users can exploit this to trigger a NULL pointer dereference and system crash, causing a denial of service. Exploitation requires access to either tun or macvtap devices.

Recommendations

For Linux kernel versions 3.2.x through 3.2.63, consider restricting access to tun and macvtap devices to minimize the risk of exploitation. As a temporary workaround, limiting the use of the ipv6_select_ident function may help until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2014-7207
DSA-3060-1
USN-2417-1
USN-2418-1

Affected Products

Linux Kernel