net/sctp/sm_make_chunk.c in the Linux kernel prior to 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote malicious users to cause a denial of service (OOPS) via crafted packet data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |