Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2008-2826

Published: 02/07/2008 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux Kernel

Vulnerability Summary

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel prior to 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

opensuse opensuse 11.0

opensuse opensuse 10.3

debian debian linux 4.0

canonical ubuntu linux 7.04

canonical ubuntu linux 7.10

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

Vendor Advisories

Ubuntu Security Notice: linux, linux-source-2.6.15/20/22 vulnerabilities
Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets A remote attacker could exploit this to crash the system, leading to a denial of service (CVE-2007-6282) ...
Debian Security Advisories: DSA-1630-1 linux-2.6 -- denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6282 Dirk Nehring discovered a vulnerability in the IPsec code that allows remote users to cause a denial of service ...

References

CWE-190http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9http://lwn.net/Articles/287350/http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207https://issues.rpath.com/browse/RPL-2629http://www.securityfocus.com/bid/29990http://www.securitytracker.com/id?1020514http://secunia.com/advisories/31202http://secunia.com/advisories/30901http://secunia.com/advisories/31107http://www.mandriva.com/security/advisories?name=MDVSA-2008:174http://www.ubuntu.com/usn/usn-625-1http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:167http://secunia.com/advisories/31628http://www.redhat.com/support/errata/RHSA-2008-0585.htmlhttp://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7http://www.debian.org/security/2008/dsa-1630http://secunia.com/advisories/31551http://www.vupen.com/english/advisories/2008/2511http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.htmlhttp://secunia.com/advisories/32370https://exchange.xforce.ibmcloud.com/vulnerabilities/43559http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=735ce972fbc8a65fb17788debd7bbe7b4383cc62https://usn.ubuntu.com/625-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook