258 matches found
kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
An error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS...
kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
An error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS...
DEBIAN-CVE-2018-5803
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP packets length can be exploited to cause a kernel crash...
CVE-2017-15344
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker coul...
CVE-2017-15317
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...
Huawei AR3200 Integer Overflow Vulnerability
Huawei AR3200 Series Enterprise Router is a new generation of network products launched by Huawei. The Huawei AR3200 suffers from an integer overflow vulnerability, which is due to the device failing to adequately verify certain fields in SCTP messages. An attacker successfully exploited the...
USN-3266-2 linux-hwe vulnerability
USN-3266-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission...
USN-3264-1 linux vulnerability
Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol SCTP implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash...
DEBIAN-CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. NOTE: this vulnerability exists because...
USN-3188-1 linux vulnerability
Andrey Konovalov discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data. A remote attacker could use this to cause a denial of service system crash...
Linux Kernel Information Disclosure Vulnerability (CNVD-2016-11671)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the 'sctpsfootb' function of the net/sctp/smstatefuns.c file in versions of the Linux kernel prior to 4.8.8, which stems from the program's...
UBUNTU-CVE-2016-9555
The sctpsfootb function in net/sctp/smstatefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service out-of-bounds slab access or possibly have unspecified other impact via crafted SCTP data...
kernel: SCTP denial of service during timeout
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctpaccept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a deni...
USN-2932-1 linux-lts-vivid vulnerabilities
Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...
Wireshark SCTP Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9, epan/dissectors/packet-sctp.c in the SCTP parser does not validate the frame pointer, which can be exploited by remote attackers to cause a denial of service null...
UBUNTU-CVE-2015-8722
epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...
kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic
A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded...
USN-2797-1 linux-lts-utopic vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
kernel: SCTP race condition allows list corruption and panic from userlevel
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled Address Configuration lists when performing Address Configuration Change ASCONF. A local attacker could use this flaw to crash the system via a race condition triggered by setting certain ASCONF options on a...
USN-2717-1 linux-lts-utopic vulnerability
Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change ASCONF options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service system crash...