Описание
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.
Отчет
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not support SCTP authentication and extended parameters. It did not affect the version of Linux kernel as shipped with Red Hat Enterprise MRG as it has backported the upstream commit a8170c35 that addressed this. This has been addressed in Red Hat Enterprise Linux 5 and 6 via https://rhn.redhat.com/errata/RHSA-2011-0927.html and https://rhn.redhat.com/errata/RHSA-2011-0498.html.
Дополнительная информация
Статус:
5.4 Medium
CVSS2
Связанные уязвимости
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip ...
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.
ELSA-2011-2015: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)
5.4 Medium
CVSS2