[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-317 ---- kernel perf

ID: oval:org.secpod.oval:def:1600040Date: (C)2016-01-05   (M)2024-02-19
Class: PATCHFamily: unix




The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

Platform:
Amazon Linux AMI
Product:
kernel
perf
Reference:
ALAS-2014-317
CVE-2014-0101
CVE    1
CVE-2014-0101
CPE    358
cpe:/o:linux:linux_kernel:3.0.40
cpe:/o:linux:linux_kernel:3.1.10
cpe:/o:linux:linux_kernel:3.0.42
cpe:/o:linux:linux_kernel:3.0.41
...

© SecPod Technologies