Published: 11/03/2014 Updated: 13/02/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel up to and including 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote malicious users to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
redhat enterprise linux server aus 6.5
redhat enterprise linux server tus 6.5
redhat enterprise linux server aus 6.4
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux eus 6.3
redhat enterprise linux eus 6.5
redhat enterprise linux eus 6.4
canonical ubuntu linux 10.04
f5 big-iq centralized management 4.6.0
f5 big-iq adc 4.5.0
f5 big-iq security
f5 big-iq device
f5 big-iq cloud
f5 big-ip edge gateway
f5 big-ip protocol security module
f5 big-ip wan optimization manager
f5 big-ip webaccelerator
f5 big-ip application acceleration manager
f5 big-ip advanced firewall manager
f5 big-ip analytics
f5 big-ip policy enforcement manager
f5 big-ip enterprise manager
f5 big-ip access policy manager
f5 big-ip global traffic manager
f5 big-ip application security manager
f5 big-ip link controller
f5 big-ip local traffic manager

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefunsc in the Linux kernel through 3136 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chun ...

A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system ...

Several security issues were fixed in the kernel ...

Writeup of the Oracle DSR stack buffer overflow vulnerability (DRA) CVE-2014-6598

Security vulnerabilities in Oracle DSR KPN CISO REDteam KPN is a telecom operator located in the Netherlands The CISO REDteam was introduced in 2013 and is KPN’s ethical hacking team This team is involved in security tests of KPN applications and services to ensure that our customers’ data is safe from unauthorized access, modification and data loss Diameter Rout

CWE-476 http://www.openwall.com/lists/oss-security/2014/03/04/6 https://bugzilla.redhat.com/show_bug.cgi?id=1070705 https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729 http://rhn.redhat.com/errata/RHSA-2014-0328.html http://www.securityfocus.com/bid/65943 http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html http://secunia.com/advisories/59216 http://www.ubuntu.com/usn/USN-2174-1 http://www.ubuntu.com/usn/USN-2173-1 http://rhn.redhat.com/errata/RHSA-2014-0432.html http://rhn.redhat.com/errata/RHSA-2014-0419.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729 https://nvd.nist.gov https://github.com/KPN-CISO/DRA_writeup https://alas.aws.amazon.com/ALAS-2014-317.html https://access.redhat.com/security/cve/cve-2014-0101 https://usn.ubuntu.com/2174-1/

CVE-2014-0101

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect