17 matches found
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1483)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: SCTP race condition allows list corruption and panic from userlevel
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled Address Configuration lists when performing Address Configuration Change ASCONF. A local attacker could use this flaw to crash the system via a race condition triggered by setting certain ASCONF options on a...
USN-2718-1: Linux kernel (Vivid HWE) vulnerability
Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change ASCONF options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service system crash...
Ubuntu: Security Advisory (USN-2715-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20150128)
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
kernel: net: sctp: fix panic on duplicate ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...
kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
kernel: net: sctp: fix panic on duplicate ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
kernel: net: sctp: fix panic on duplicate ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
UBUNTU-CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...