Mozilla Firefox < 84.0.2

The version of Firefox installed on the remote Windows host is prior to 84.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory. - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a...

Mozilla Firefox < 84.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 84.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory. - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a...

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk

A flaw was found in the way the Linux kernel processed an authenticated COOKIEECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on th...

kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk

A flaw was found in the way the Linux kernel processed an authenticated COOKIEECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on th...

kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk

A flaw was found in the way the Linux kernel processed an authenticated COOKIEECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on th...

kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk

A flaw was found in the way the Linux kernel processed an authenticated COOKIEECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on th...

DEBIAN-CVE-2014-0101

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...

UBUNTU-CVE-2014-0101

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...

kernel: sctp: duplicate cookie handling NULL pointer dereference

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

kernel: sctp: duplicate cookie handling NULL pointer dereference

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

DEBIAN-CVE-2013-2206

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

UBUNTU-CVE-2013-2206

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...

PT-2013-3596 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.8.5 Description: The issue is related to the SCTP implementation in the Linux kernel, specifically the sctp sf do 5 2 4 dupcook function. It does not properly handle associations when processing a duplicate...

security flaw

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service kernel panic via incoming IP fragmented 1 COOKIEECHO and 2 HEARTBEAT SCTP control chunks...