Описание
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
Отчет
This issue did not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future Linux kernel updates for the respective releases may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2015:0864 | 21.04.2015 |
| Red Hat Enterprise Linux 6.2 Advanced Update Support | kernel | Fixed | RHSA-2015:1082 | 09.06.2015 |
| Red Hat Enterprise Linux 6.4 Advanced Update Support | kernel | Fixed | RHSA-2015:1030 | 27.05.2015 |
| Red Hat Enterprise Linux 6.5 Extended Update Support | kernel | Fixed | RHSA-2015:0782 | 07.04.2015 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2015:0727 | 26.03.2015 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2015:0726 | 26.03.2015 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2015:0751 | 30.03.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
Use-after-free vulnerability in the sctp_assoc_update function in net/ ...
Security update for kgraft-patch-SLE12_Update_1, kgraft-patch-SLE12_Update_2
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
EPSS
7.1 High
CVSS2