248 matches found
DEBIAN-CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
UBUNTU-CVE-2014-3687
The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...
UBUNTU-CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
REJECTED CVE This CVE has been rejected. This candidate is a duplicate of CVE-2012-6056. Note: All CVE users should reference CVE-2012-6056 instead of this candidate...
UBUNTU-CVE-2014-0101
The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...
UBUNTU-CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
kernel: sctp: duplicate cookie handling NULL pointer dereference
The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...
DEBIAN-CVE-2013-2206
The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...
UBUNTU-CVE-2013-2206
The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...
UBUNTU-CVE-2012-6056
Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...
PT-2013-1396 · Red Hat +1 · Red Hat +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.21 Red Hat Enterprise Linux RHEL 5 Description: The issue is related to a certain Red Hat patch to the sctp sock migrate function in net/sctp/socket.c in the Linux kernel. It allows remote attackers to cause...
kernel: sctp: a race between ICMP protocol unreachable and connect()
Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...
kernel: sctp: do not reset the packet during sctp_packet_config
The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service panic via a certain sequence of SCTP traffic...
kernel: sctp remote denial of service
The sctprcvootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service infinite loop via 1 an Out Of The Blue OOTB chunk or 2 a chunk of zero length...