CVE-2014-5077

Опубликовано: 01 авг. 2014

Источник: ubuntu

Приоритет: medium

EPSS Средний

CVSS2: 7.1

Описание

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.

Релиз	Статус	Примечание
devel	not-affected	4.10.0-19.21
esm-infra-legacy/trusty	not-affected	3.13.0-36.63
esm-infra/xenial	not-affected	4.2.0-16.19
lucid	released	2.6.32-65.131
precise	released	3.2.0-68.102
precise/esm	not-affected	3.2.0-68.102
trusty	released	3.13.0-36.63
trusty/esm	not-affected	3.13.0-36.63
upstream	released	3.16
utopic	not-affected	3.16.0-7.12

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.2.0-1637.54
precise/esm	DNE	precise was released [3.2.0-1637.54]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1001.10
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	3.16
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	released	2.6.32-369.85
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	ignored	end of life

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1003.3

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	ignored	end of life

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	ignored	end of life
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life, was pending
precise/esm	DNE	precise was ignored [was pending [3.5.0-55.82~precise1] OEM release]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life, was needed
precise/esm	ignored	end of life, was needed
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	ignored	end of life, was pending
precise/esm	DNE	precise was ignored [was pending [3.11.0-28.48~precise1] OEM release]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.13.0-36.63~precise1
precise/esm	not-affected	3.13.0-36.63~precise1
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.16.0-25.33~14.04.2]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.16.0-25.33~14.04.2
trusty/esm	DNE	trusty was not-affected [3.16.0-25.33~14.04.2]
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	3.19.0-18.18~14.04.1
trusty/esm	DNE	trusty was not-affected [3.19.0-18.18~14.04.1]
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [4.2.0-18.22~14.04.1]]
precise	DNE
precise/esm	DNE
trusty	not-affected	4.2.0-18.22~14.04.1
trusty/esm	DNE	trusty was not-affected [4.2.0-18.22~14.04.1]
upstream	released	3.16
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	3.16
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	ignored	end of life

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.16
utopic	ignored	end of life
vivid	ignored	end of life

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.10.0-1004.6
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
vivid	DNE
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	released	4.2.0-1014.21

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.4.0-1050.54
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
lucid	DNE
precise	released	3.2.0-1452.72
precise/esm	DNE	precise was released [3.2.0-1452.72]
trusty	DNE
trusty/esm	DNE
upstream	released	3.16
utopic	DNE
vivid	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 94%

0.14696

Средний

7.1 High

CVSS2

Связанные уязвимости

CVE-2014-5077

redhat

почти 11 лет назад

CVE-2014-5077

nvd

почти 11 лет назад

CVE-2014-5077

debian

почти 11 лет назад

The sctp_assoc_update function in net/sctp/associola.c in the Linux ke ...

GHSA-h74m-54fh-xp9p

github

около 3 лет назад

ELSA-2014-1724

oracle-oval

больше 10 лет назад

ELSA-2014-1724: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 94%

0.14696

Средний

7.1 High

CVSS2

CVE-2014-5077

Описание

Пакет linux

Пакет linux-armadaxp

Пакет linux-aws

Пакет linux-ec2

Пакет linux-flo

Пакет linux-fsl-imx51

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-linaro-omap

Пакет linux-linaro-shared

Пакет linux-linaro-vexpress

Пакет linux-lts-quantal

Пакет linux-lts-raring

Пакет linux-lts-saucy

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-mvl-dove

Пакет linux-qcm-msm

Пакет linux-raspi2

Пакет linux-snapdragon

Пакет linux-ti-omap4

Ссылки на источники

Связанные уязвимости