The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel up to and including 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote malicious users to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server aus 6.5 |
||
redhat enterprise linux server tus 6.5 |
||
redhat enterprise linux server aus 6.4 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux eus 6.3 |
||
redhat enterprise linux eus 6.5 |
||
redhat enterprise linux eus 6.4 |
||
canonical ubuntu linux 10.04 |
||
f5 big-iq centralized management 4.6.0 |
||
f5 big-iq adc 4.5.0 |
||
f5 big-iq security |
||
f5 big-iq device |
||
f5 big-iq cloud |
||
f5 big-ip edge gateway |
||
f5 big-ip protocol security module |
||
f5 big-ip wan optimization manager |
||
f5 big-ip webaccelerator |
||
f5 big-ip application acceleration manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip analytics |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip enterprise manager |
||
f5 big-ip access policy manager |
||
f5 big-ip global traffic manager |
||
f5 big-ip application security manager |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |