Описание
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.10.0-19.21 |
| esm-infra-legacy/trusty | not-affected | 3.13.0-108.155 |
| esm-infra/xenial | not-affected | 4.4.0-57.78 |
| precise | released | 3.2.0-121.164 |
| precise/esm | not-affected | 3.2.0-121.164 |
| trusty | released | 3.13.0-108.155 |
| trusty/esm | not-affected | 3.13.0-108.155 |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | released | 3.19.0-80.88 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | released | 3.2.0-1682.109 |
| precise/esm | DNE | precise was released [3.2.0-1682.109] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 4.4.0-1002.2 |
| esm-infra/xenial | not-affected | 4.4.0-1001.10 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | not-affected | 4.4.0-1002.2 |
| trusty/esm | not-affected | 4.4.0-1002.2 |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | 4.4.0-1003.3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.8.0-36.36~16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 4.8.0-36.36~16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | ignored | end of life, was ignored |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | released | 3.13.0-108.155~precise1 |
| precise/esm | not-affected | 3.13.0-108.155~precise1 |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [end of standard support]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [end of standard support] |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [3.19.0-80.88~14.04.1]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 3.19.0-80.88~14.04.1 |
| trusty/esm | DNE | trusty was released [3.19.0-80.88~14.04.1] |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [end of standard support]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [end of standard support] |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 4.4.0-57.78~14.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 4.4.0-57.78~14.04.1 |
| trusty/esm | not-affected | 4.4.0-57.78~14.04.1 |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | |
| trusty/esm | DNE | trusty was ignored |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was ignored [abandoned] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.10.0-1004.6 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | ignored | end of life, was needed |
| xenial | released | 4.4.0-1038.45 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.4.0-1050.54 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 4.4.0-1042.46 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | released | 3.2.0-1499.126 |
| precise/esm | DNE | precise was released [3.2.0-1499.126] |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.9~rc4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kern ...
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
ELSA-2016-3652: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3