Linux Kernel SCTP Chunk Length Calculation Parameter Processing Overflow DoS

2006-05-22T09:17:35
ID OSVDB:25696
Type osvdb
Reporter OSVDB
Modified 2006-05-22T09:17:35

Description

Vulnerability Description

The Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered because of a flaw in the bounds checking process of chunk lengths and parameter lengths defined in 'include/net/sctp/sctp.h'. This might lead to attempted access of invalid memory and might result in a kernel crash and hence loss of availability for the platform.

Solution Description

Upgrade to version 2.4.33, 2.6.16.17 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
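The record describes the flaw only as a defect in the bounds checking of SCTP chunk lengths and parameter lengths, so the practical question for a reviewer is what a correct walk over those lengths has to verify. The following user-space C routine is an added illustration, not kernel code and not taken from the advisory or from the fixed versions it names: it walks the chunks of an SCTP packet and, for INIT / INIT ACK chunks, the parameters inside them, rejecting any length field that is smaller than its own header or larger than the bytes actually remaining. The packet bytes, the function names and the choice to treat only chunk types 1 and 2 as parameter-bearing are assumptions made for the example; the header layouts follow RFC 4960.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: a defensive SCTP chunk/parameter walker in user space.
 * Not the kernel's own code; it only illustrates the checks such a walk needs. */

#define SCTP_COMMON_HDR_LEN 12u   /* src port, dst port, vtag, checksum */
#define SCTP_CHUNK_HDR_LEN   4u   /* type, flags, length */
#define SCTP_PARAM_HDR_LEN   4u   /* type, length */
#define SCTP_INIT_FIXED_LEN 16u   /* init tag, a_rwnd, OS, MIS, initial TSN */
#define SCTP_CT_INIT         1u
#define SCTP_CT_INIT_ACK     2u

/* Chunks and parameters are padded to a 4-byte boundary (RFC 4960 3.2). */
static size_t pad4(size_t n) { return (n + 3u) & ~(size_t)3u; }

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Walk the parameters of one chunk. Returns the parameter count, or -1 if any
 * length field is malformed. Every check is against bytes that really remain,
 * so a hostile length can neither loop forever nor run past the buffer. */
int sctp_walk_params(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;

    while (off < len) {
        if (len - off < SCTP_PARAM_HDR_LEN)
            return -1;                       /* truncated parameter header */
        uint16_t plen = be16(buf + off + 2);
        if (plen < SCTP_PARAM_HDR_LEN)
            return -1;                       /* length 0..3 would underflow / never advance */
        if (plen > len - off)
            return -1;                       /* parameter claims more than the chunk holds */
        count++;
        size_t step = pad4(plen);
        if (step > len - off)
            break;                           /* last parameter, padding not present */
        off += step;
    }
    return count;
}

/* Walk the chunks of a packet. Returns the chunk count, or -1 if malformed.
 * Optionally reports how many parameters were seen in INIT / INIT ACK chunks. */
int sctp_walk_chunks(const uint8_t *pkt, size_t len, int *params_out)
{
    if (len < SCTP_COMMON_HDR_LEN)
        return -1;

    size_t off = SCTP_COMMON_HDR_LEN;
    int chunks = 0, params = 0;

    while (off < len) {
        if (len - off < SCTP_CHUNK_HDR_LEN)
            return -1;                       /* truncated chunk header */
        uint8_t  type = pkt[off];
        uint16_t clen = be16(pkt + off + 2); /* includes the 4-byte chunk header */
        if (clen < SCTP_CHUNK_HDR_LEN || clen > len - off)
            return -1;                       /* too small to be a chunk, or past the packet */

        if (type == SCTP_CT_INIT || type == SCTP_CT_INIT_ACK) {
            size_t fixed = SCTP_CHUNK_HDR_LEN + SCTP_INIT_FIXED_LEN;
            if (clen < fixed)
                return -1;                   /* INIT without its mandatory fixed fields */
            int n = sctp_walk_params(pkt + off + fixed, clen - fixed);
            if (n < 0)
                return -1;
            params += n;
        }
        chunks++;

        size_t step = pad4(clen);
        if (step > len - off)
            break;                           /* last chunk, padding not present */
        off += step;
    }
    if (params_out)
        *params_out = params;
    return chunks;
}

/* Constructed sample packet (not a capture): common header + one INIT chunk
 * of length 26 carrying a single 6-byte parameter, padded to 28 bytes. */
const uint8_t sample_init_pkt[40] = {
    0x0b, 0x59, 0x0b, 0x59, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x01, 0x00, 0x00, 0x1a,                         /* INIT, flags 0, length 26 */
    0xde, 0xad, 0xbe, 0xef, 0x00, 0x01, 0x00, 0x00, /* init tag, a_rwnd */
    0x00, 0x0a, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x01, /* OS, MIS, initial TSN */
    0x80, 0x08, 0x00, 0x06, 0xc0, 0x00,             /* parameter, length 6 */
    0x00, 0x00                                      /* padding */
};

/* Same packet with the parameter length field set to 0 (constructed). */
const uint8_t sample_zero_param_len[40] = {
    0x0b, 0x59, 0x0b, 0x59, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x01, 0x00, 0x00, 0x1a,
    0xde, 0xad, 0xbe, 0xef, 0x00, 0x01, 0x00, 0x00,
    0x00, 0x0a, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x01,
    0x80, 0x08, 0x00, 0x00, 0xc0, 0x00,
    0x00, 0x00
};

int main(void)
{
    int params = 0;
    printf("well-formed: chunks=%d params=%d\n",
           sctp_walk_chunks(sample_init_pkt, sizeof sample_init_pkt, &params), params);
    printf("zero param length: %d\n",
           sctp_walk_chunks(sample_zero_param_len, sizeof sample_zero_param_len, NULL));
    printf("truncated to 30 bytes: %d\n",
           sctp_walk_chunks(sample_init_pkt, 30, NULL));
    return 0;
}
```

The two checks that matter are the lower bound (a length smaller than its own header must be rejected, otherwise the walk never advances or the subtraction wraps) and the upper bound against the bytes that remain in the enclosing object, not against the length field of the outer header; the latter is what stops a crafted length from steering the parser into memory beyond the packet.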

Short Description

The Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered because of a flaw in the bounds checking process of chunk lengths and parameter lengths defined in 'include/net/sctp/sctp.h'. This might lead to attempted access of invalid memory and might result in a kernel crash and hence loss of availability for the platform.

References:

Vendor URL: http://kernel.org/
Vendor Specific News/Changelog Entry: http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33
Secunia Advisory ID: 20671
Secunia Advisory ID: 21045
Secunia Advisory ID: 21476
Secunia Advisory ID: 20185
Secunia Advisory ID: 21179
Secunia Advisory ID: 21498
Secunia Advisory ID: 21954
Secunia Advisory ID: 20716
Secunia Advisory ID: 21605
Secunia Advisory ID: 22174
Related OSVDB ID: 25695
Related OSVDB ID: 25697
RedHat RHSA: RHSA-2006:0617
Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1097
Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
CVE ID: CVE-2006-1858