[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: kernel: sctp: Fix oops when INIT-ACK
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2008-10-15 18:46:39
Message-ID: Pine.GSO.4.51.0810151440370.15058 () faron ! mitre ! org
[Download RAW message or body]


This is one of those "I don't know what I'm typing" descriptions so any
clarification would be welcome.

- Steve


======================================================
Name: CVE-2008-4576
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4576
Reference: MLIST:[linux-kernel] 20081006 [patch 58/71] sctp: Fix oops when INIT-ACK indicates \
                that peer doesnt support AUTH
Reference: URL:http://www.gossamer-threads.com/lists/linux/kernel/981012?page=last
Reference: CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.18

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause
a denial of service (OOPS) via an INIT-ACK that states the peer does
not support AUTH, which causes the sctp_process_init function to clean
up active transports and triggers the OOPS when the T1-Init timer
expires.


[prev in list] [next in list] [prev in thread] [next in thread]