Red Hat Security Advisory 2014-0328-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system.
89d9790834be4c375db2c9b80b34a6a4d366543a7220b333921532be2e3a6db5