Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-2206

Опубликовано: 13 мар. 2013
Источник: redhat
CVSS2: 5.4
EPSS Низкий

Описание

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

Отчет

This issue does affect Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect Linux kernel packages as shipped with Red Hat Enterprise MRG 2 as they already contain the fix.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise MRG 2realtime-kernelNot affected
OpenStack 3 for RHEL 6kernelFixedRHSA-2013:119503.09.2013
Red Hat Enterprise Linux 5kernelFixedRHSA-2013:116620.08.2013
Red Hat Enterprise Linux 6kernelFixedRHSA-2013:117327.08.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=976562kernel: sctp: duplicate cookie handling NULL pointer dereference

EPSS

Процентиль: 87%
0.03209
Низкий

5.4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-2206

ubuntu
около 12 лет назад

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

nvd логотип

CVE-2013-2206

nvd
около 12 лет назад

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

debian логотип

CVE-2013-2206

debian
около 12 лет назад

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in th ...

github логотип

GHSA-xhcg-p7cj-pf6v

github
около 3 лет назад

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

oracle-oval логотип

ELSA-2013-2542

oracle-oval
почти 12 лет назад

ELSA-2013-2542: unbreakable enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 87%
0.03209
Низкий

5.4 Medium

CVSS2