7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.643 Medium
EPSS
Percentile
97.8%
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the
Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote
attackers to cause a denial of service (system crash) via an SCTPChunkInit
packet containing multiple invalid parameters that require a large amount
of error data.