The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-10-20 17:10
Updated : 2012-03-18 21:00
NVD link : CVE-2008-4618
Mitre link : CVE-2008-4618
JSON object : View
CWE
Products Affected
linux
- linux_kernel