CVE-2010-3432

Priority
Medium
Description
The sctp_packet_config function in net/sctp/output.c in the Linux kernel
before 2.6.35.6 performs extraneous initializations of packet data
structures, which allows remote attackers to cause a denial of service
(panic) via a certain sequence of SCTP traffic.
Ubuntu-Description
Thomas Dreibholz discovered that SCTP did not correctly handle appending
packet chunks. A remote attacker could send specially crafted traffic to
crash the system, leading to a denial of service.
References
Bugs
Assigned-to
bradf
Package
Upstream:needs-triage
Patches:
Dapper:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3432/patches/dapper/linux/0001-sctp-Do-not-reset-the-packet-during-sctp_packet_config.txt
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=4bdab43323b459900578b200a4b8cf9713ac8fab
Hardy:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3432/patches/hardy/linux/0001-sctp-Do-not-reset-the-packet-during-sctp_packet_config.txt
Jaunty:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3432/patches/jaunty/linux/0001-sctp-Do-not-reset-the-packet-during-sctp_packet_config.txt
Karmic:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3432/patches/karmic/linux/0001-sctp-Do-not-reset-the-packet-during-sctp_packet_config.txt
Lucid:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3432/patches/lucid/linux/0001-sctp-Do-not-reset-the-packet-during-sctp_packet_config.txt
Package
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:55 UTC (commit 9756)