cpe:/o:linux:linux_kernel:4.8.7 CVE-2016-9555 2016-11-27T22:59:17.097-05:00 2018-08-13T17:47:55.243-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2016-12-22T11:08:05.947-05:00 SECTRACK 1037339 BID 94479 REDHAT RHSA-2017:0086 REDHAT RHSA-2017:0091 REDHAT RHSA-2017:0113 REDHAT RHSA-2017:0307 SUSE SUSE-SU-2016:3096 SUSE SUSE-SU-2016:3113 SUSE SUSE-SU-2016:3116 SUSE SUSE-SU-2016:3117 SUSE SUSE-SU-2016:3169 SUSE SUSE-SU-2016:3183 SUSE SUSE-SU-2016:3197 SUSE SUSE-SU-2016:3205 SUSE SUSE-SU-2016:3206 SUSE SUSE-SU-2016:3247 MLIST [oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 CONFIRM http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8 CONFIRM https://bto.bluecoat.com/security-advisory/sa134 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1397930 CONFIRM https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 CONFIRM https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.