The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel up to and including 3.17.2 allows remote malicious users to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
linux linux kernel |
||
redhat enterprise mrg 2.0 |
||
canonical ubuntu linux 12.04 |
||
opensuse evergreen 11.4 |
||
novell suse linux enterprise server 12.0 |
||
suse linux enterprise real time extension 11 |
||
debian debian linux 7.0 |
||
novell suse linux enterprise desktop 12.0 |
||
suse linux enterprise workstation extension 12 |
||
suse linux enterprise software development kit 12 |
||
suse suse linux enterprise server 11 |
||
oracle linux 5 |
||
oracle linux 6 |
||
oracle linux 7 |
Vulmon