18 matches found
VulnCheck KEV: CVE-2010-1173
The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service system crash via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000803)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000803 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001916 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...
K16016: Linux kernel SCTP vulnerability CVE-2014-7841
Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
SUSE CVE-2010-1173
The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service system crash via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data...
SUSE CVE-2011-1573
net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...
SUSE CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2467-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2467-1 advisory. A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this fl...
CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
DEBIAN-CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
Null pointer dereference
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
CVE-2014-7841
The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
PT-2014-1822 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.17.4 kernel-debuginfo-2.6.32 versions 2.6.32 kernel-debug-devel-2.6.32 versions 2.6.32 kernel-doc-2.6.32 versions 2.6.32 kernel-debuginfo-common-i686 versions 2.6.32 kernel-headers-2.6.32 versions 2.6.32...
Null pointer dereference
The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...
kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...
kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...