Lucene search

[email protected]NVD:CVE-2008-4618

HistoryOct 21, 2008 - 12:10 a.m.

CVE-2008-4618

2008-10-2100:10:53

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

59.1%

JSON

The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.6.26.5

linuxlinux_kernelMatch2.2.27

linuxlinux_kernelMatch2.4.36

linuxlinux_kernelMatch2.4.36.1

linuxlinux_kernelMatch2.4.36.2

linuxlinux_kernelMatch2.4.36.3

linuxlinux_kernelMatch2.4.36.4

linuxlinux_kernelMatch2.4.36.5

linuxlinux_kernelMatch2.4.36.6

linuxlinux_kernelMatch2.6

linuxlinux_kernelMatch2.6.18

linuxlinux_kernelMatch2.6.18rc1

linuxlinux_kernelMatch2.6.18rc2

linuxlinux_kernelMatch2.6.18rc3

linuxlinux_kernelMatch2.6.18rc4

linuxlinux_kernelMatch2.6.18rc5

linuxlinux_kernelMatch2.6.18rc6

linuxlinux_kernelMatch2.6.18rc7

linuxlinux_kernelMatch2.6.19.4

linuxlinux_kernelMatch2.6.19.5

linuxlinux_kernelMatch2.6.19.6

linuxlinux_kernelMatch2.6.19.7

linuxlinux_kernelMatch2.6.20.16

linuxlinux_kernelMatch2.6.20.17

linuxlinux_kernelMatch2.6.20.18

linuxlinux_kernelMatch2.6.20.19

linuxlinux_kernelMatch2.6.20.20

linuxlinux_kernelMatch2.6.20.21

linuxlinux_kernelMatch2.6.21.5

linuxlinux_kernelMatch2.6.21.6

linuxlinux_kernelMatch2.6.21.7

linuxlinux_kernelMatch2.6.22

linuxlinux_kernelMatch2.6.22.1

linuxlinux_kernelMatch2.6.22.2

linuxlinux_kernelMatch2.6.22.8

linuxlinux_kernelMatch2.6.22.9

linuxlinux_kernelMatch2.6.22.10

linuxlinux_kernelMatch2.6.22.11

linuxlinux_kernelMatch2.6.22.12

linuxlinux_kernelMatch2.6.22.13

linuxlinux_kernelMatch2.6.22.14

linuxlinux_kernelMatch2.6.22.15

linuxlinux_kernelMatch2.6.22.17

linuxlinux_kernelMatch2.6.22.18

linuxlinux_kernelMatch2.6.22.19

linuxlinux_kernelMatch2.6.22.20

linuxlinux_kernelMatch2.6.22.21

linuxlinux_kernelMatch2.6.22.22

linuxlinux_kernelMatch2.6.22_rc1

linuxlinux_kernelMatch2.6.22_rc7

linuxlinux_kernelMatch2.6.23

linuxlinux_kernelMatch2.6.23.8

linuxlinux_kernelMatch2.6.23.9

linuxlinux_kernelMatch2.6.23.10

linuxlinux_kernelMatch2.6.23.11

linuxlinux_kernelMatch2.6.23.12

linuxlinux_kernelMatch2.6.23.13

linuxlinux_kernelMatch2.6.23.15

linuxlinux_kernelMatch2.6.23.16

linuxlinux_kernelMatch2.6.23.17

linuxlinux_kernelMatch2.6.23_rc1

linuxlinux_kernelMatch2.6.24

linuxlinux_kernelMatch2.6.24.1

linuxlinux_kernelMatch2.6.24.2

linuxlinux_kernelMatch2.6.24.3

linuxlinux_kernelMatch2.6.24.4

linuxlinux_kernelMatch2.6.24.5

linuxlinux_kernelMatch2.6.24.6

linuxlinux_kernelMatch2.6.24.7

linuxlinux_kernelMatch2.6.24_rc1

linuxlinux_kernelMatch2.6.24_rc4

linuxlinux_kernelMatch2.6.24_rc5

linuxlinux_kernelMatch2.6.25

linuxlinux_kernelMatch2.6.25x86_64

linuxlinux_kernelMatch2.6.25.1

linuxlinux_kernelMatch2.6.25.1x86_64

linuxlinux_kernelMatch2.6.25.2

linuxlinux_kernelMatch2.6.25.2x86_64

linuxlinux_kernelMatch2.6.25.3

linuxlinux_kernelMatch2.6.25.3x86_64

linuxlinux_kernelMatch2.6.25.4

linuxlinux_kernelMatch2.6.25.4x86_64

linuxlinux_kernelMatch2.6.25.5

linuxlinux_kernelMatch2.6.25.5x86_64

linuxlinux_kernelMatch2.6.25.6

linuxlinux_kernelMatch2.6.25.6x86_64

linuxlinux_kernelMatch2.6.25.7

linuxlinux_kernelMatch2.6.25.7x86_64

linuxlinux_kernelMatch2.6.25.8

linuxlinux_kernelMatch2.6.25.8x86_64

linuxlinux_kernelMatch2.6.25.9

linuxlinux_kernelMatch2.6.25.9x86_64

linuxlinux_kernelMatch2.6.25.10

linuxlinux_kernelMatch2.6.25.10x86_64

linuxlinux_kernelMatch2.6.25.11

linuxlinux_kernelMatch2.6.25.11x86_64

linuxlinux_kernelMatch2.6.25.12

linuxlinux_kernelMatch2.6.25.12x86_64

linuxlinux_kernelMatch2.6.25.13

linuxlinux_kernelMatch2.6.25.14

linuxlinux_kernelMatch2.6.25.15

linuxlinux_kernelMatch2.6.25.16

linuxlinux_kernelMatch2.6.25.17

linuxlinux_kernelMatch2.6.26

linuxlinux_kernelMatch2.6.26rc4

linuxlinux_kernelMatch2.6.26.1

linuxlinux_kernelMatch2.6.26.2

linuxlinux_kernelMatch2.6.26.3

linuxlinux_kernelMatch2.6.26.4

References

git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=ba0166708ef4da7eeb61dd92bbba4d5a749d6561

lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html

secunia.com/advisories/32918

secunia.com/advisories/32998

secunia.com/advisories/33586

www.debian.org/security/2008/dsa-1681

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27

www.openwall.com/lists/oss-security/2008/10/06/1

www.redhat.com/support/errata/RHSA-2009-0009.html

www.securityfocus.com/bid/31848

www.ubuntu.com/usn/usn-679-1

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

59.1%

JSON

Related for NVD:CVE-2008-4618

cve1 cvelist1 veracode1 openvas8 ubuntucve1 prion1 redhat1 suse1 nessus2 ubuntu1 debian1 osv1