Lucene search

Veracode Vulnerability DatabaseVERACODE:19362

HistoryMay 16, 2019 - 3:01 a.m.

Denial Of Service (DoS)

2019-05-1603:01:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Linux Kernel is vulnerable to denial of service. Missing length check of payload in _sctp_make_chunk() function allows a local attacker to cause a kernel crash. The file net/sctp/sm_make_chunk.c of the component SCTP Packet Handler is affected.

CPENameOperatorVersion
kerneleq2.6.32__696.1.1.bgq.el6
kerneleq2.6.32__696.28.1.el6
kerneleq2.6.32__642.6.2.el6
kerneleq2.6.32__358.6.1.el6
kerneleq2.6.32__431.40.2.el6
kerneleq3.10.0__693.el7
kerneleq2.6.32__642.3.1.el6
kerneleq2.6.32__131.17.1.el6
kerneleq2.6.32__71.18.2.el6
kerneleq2.6.32__358.14.1.el6

Name	Operator	Version
kernel	eq	2.6.32__696.1.1.bgq.el6
kernel	eq	2.6.32__696.28.1.el6
kernel	eq	2.6.32__642.6.2.el6
kernel	eq	2.6.32__358.6.1.el6
kernel	eq	2.6.32__431.40.2.el6
kernel	eq	3.10.0__693.el7
kernel	eq	2.6.32__642.3.1.el6
kernel	eq	2.6.32__131.17.1.el6
kernel	eq	2.6.32__71.18.2.el6
kernel	eq	2.6.32__358.14.1.el6

Rows per page:

1-10 of 4241

References

access.redhat.com/documentation/en-US/red_hat_enterprise_linux/6/html/6.10_release_notes/index.html

access.redhat.com/documentation/en-US/red_hat_enterprise_linux/6/html/6.10_technical_notes/index.html

access.redhat.com/errata/RHSA-2018:1854

access.redhat.com/errata/RHSA-2018:2948

access.redhat.com/errata/RHSA-2018:3083

access.redhat.com/errata/RHSA-2018:3096

access.redhat.com/errata/RHSA-2019:0641

access.redhat.com/security/updates/classification/#important

access.redhat.com/security/vulnerabilities/ssbd

bugzilla.redhat.com/show_bug.cgi?id=1448170

bugzilla.redhat.com/show_bug.cgi?id=1497152

bugzilla.redhat.com/show_bug.cgi?id=1560494

bugzilla.redhat.com/show_bug.cgi?id=869942

cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87

git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c

lists.debian.org/debian-lts-announce/2018/05/msg00000.html

secuniaresearch.flexerasoftware.com/advisories/81331/

secuniaresearch.flexerasoftware.com/secunia_research/2018-2/

usn.ubuntu.com/3654-1/

usn.ubuntu.com/3654-2/

usn.ubuntu.com/3656-1/

usn.ubuntu.com/3697-1/

usn.ubuntu.com/3697-2/

usn.ubuntu.com/3698-1/

usn.ubuntu.com/3698-2/

www.debian.org/security/2018/dsa-4187

www.debian.org/security/2018/dsa-4188

www.spinics.net/lists/linux-sctp/msg07036.html

www.spinics.net/lists/netdev/msg482523.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for VERACODE:19362