CVE-2014-0101 (retired)

Priority
Description
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux
kernel through 3.13.6 does not validate certain auth_enable and
auth_capable fields before making an sctp_sf_authenticate call, which
allows remote attackers to cause a denial of service (NULL pointer
dereference and system crash) via an SCTP handshake with a modified INIT
chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
Ubuntu-Description
A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash).
Notes
 jdstrand> android kernels (goldfish, grouper, maguro, mako and manta) are not
  supported on the Ubuntu Touch 13.10 preview kernels
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-63.95)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by bbd0d59809f923ea2b540cbd781b32110e249f6eFixed by ec0223ec48a90cb605244b45f7c62de856403729
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1633.47])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.5.0-51.76~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.8.0-41.60~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.11.0-22.38~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (3.14~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1446.65])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-09-19 15:46:59 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)