Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the β_sctp_make_chunk()β function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0. Other versions may also be affected.
Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability
======================================================================
1) Affected Software
* Linux Kernel version 4.15.0.
Other versions may also by affected.
======================================================================
2) Severity
Rating: Not critical
Impact: Denial of Service
Where: Local System
======================================================================
3) Description of Vulnerability
Secunia Research has discovered a vulnerability in Linux Kernel, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).
An error in the "_sctp_make_chunk()" function
(net/sctp/sm_make_chunk.c) when handling SCTP packets length can be
exploited to cause a kernel crash.
The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0.
Other versions may also be affected.
======================================================================
4) Solution
Fixed in the source code repository.
https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
======================================================================
5) Time Table
2018/02/07 - Linux Kernel team contacted with vulnerability details.
2018/02/07 - Linux Kernel team advised reporting the vulnerability
publicly via netdev mailing list.
2018/02/07 - Public disclosure of the vulnerability on netdev mailing
list.
2018/02/09 - The vulnerability additionally reported on linux-sctp
mailing list.
2018/02/28 - Release of Secunia Advisory SA81331.
2018/02/28 - Public disclosure of Secunia Research Advisory.
======================================================================
6) Credits
Jakub Jirasek, Secunia Research at Flexera.
Additionally reported by Alexey Kodanev.
# 0day.today [2018-04-08] #