258 matches found
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
USN-2563-1 linux vulnerabilities
Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
kernel: net: sctp: fix panic on duplicate ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
kernel: net: sctp: fix panic on duplicate ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...
DEBIAN-CVE-2014-3688
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service memory consumption by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/smstatefuns.c...
UBUNTU-CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
DEBIAN-CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
UBUNTU-CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
UBUNTU-CVE-2014-3687
The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
REJECTED CVE This CVE has been rejected. This candidate is a duplicate of CVE-2012-6056. Note: All CVE users should reference CVE-2012-6056 instead of this candidate...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...
UBUNTU-CVE-2014-0101
The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...