Vulnerability DatabaseCVE-2014-3535
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2014-3535
Published:September 28, 2014
Updated:May 17, 2026
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.
Related Resources (6)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=256df2f3879efdb2e9808bdb1b54b16fbb11fa38
https://bugzilla.redhat.com/show_bug.cgi?id=1114540
https://access.redhat.com/security/cve/CVE-2014-3535
http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36
http://www.securityfocus.com/bid/69721
https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38
Do you need more information?
Contact Us
CVSS v3
Base Score:
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
CVSS v2
Base Score:
7.8
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
Weakness Type (CWE)
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-119
EPSS
Base Score:
0.77