CVE-2008-4576

2008-10-15T16:07:42
ID CVE-2008-4576
Type cve
Reporter NVD
Modified 2017-09-28T21:32:13

Description

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.