Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-1173

Published: 7 May 2010

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-28.73)
intrepid Ignored
(end of life, was needed)
jaunty
Released (2.6.28-19.62)
karmic
Released (2.6.31-22.61)
lucid
Released (2.6.32-24.39)
upstream
Released (v2.6.34-rc7)
Patches:
hardy: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/hardy/linux/0001-sctp-Fix-skb_over_panic-resulting-from-multiple-invali.txt
hardy: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/hardy/linux/0002-sctp-fix-append-error-cause-to-ERROR-chunk-correctly.txt
jaunty: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/jaunty/linux/0001-sctp-Fix-skb_over_panic-resulting-from-multiple-invali.txt
jaunty: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/jaunty/linux/0002-sctp-fix-append-error-cause-to-ERROR-chunk-correctly.txt
karmic: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/karmic/linux/0001-sctp-Fix-skb_over_panic-resulting-from-multiple-invali.txt
karmic: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/karmic/linux/0002-sctp-fix-append-error-cause-to-ERROR-chunk-correctly.txt
lucid: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/lucid/linux/0001-sctp-Fix-skb_over_panic-resulting-from-multiple-invali.txt
lucid: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/lucid/linux/0002-sctp-fix-append-error-cause-to-ERROR-chunk-correctly.txt


linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-55.86)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

upstream Needs triage

Patches:








dapper: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/dapper/linux/0001-sctp-Fix-skb_over_panic-resulting-from-multiple-invali.txt
dapper: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1173/patches/dapper/linux/0002-sctp-fix-append-error-cause-to-ERROR-chunk-correctly.txt