Back to search
CVE-2006-2274
Published: May 9, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
x_refsource_CONFIRM
RHSA-2006:0493
vendor-advisory
x_refsource_REDHAT
ADV-2006-2554
vdb-entry
x_refsource_VUPEN
17955
vdb-entry
x_refsource_BID
20716
third-party-advisory
x_refsource_SECUNIA
21476
third-party-advisory
x_refsource_SECUNIA
21745
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:150
vendor-advisory
x_refsource_MANDRIVA
USN-302-1
vendor-advisory
x_refsource_UBUNTU
MDKSA-2006:123
vendor-advisory
x_refsource_MANDRIVA
DSA-1097
vendor-advisory
x_refsource_DEBIAN
SUSE-SA:2006:028
vendor-advisory
x_refsource_SUSE
2006-0026
vendor-advisory
x_refsource_TRUSTIX
DSA-1103
vendor-advisory
x_refsource_DEBIAN
linux-sctp-skb-pull-dos(26432)
vdb-entry
x_refsource_XF
21045
third-party-advisory
x_refsource_SECUNIA
20237
third-party-advisory
x_refsource_SECUNIA
20398
third-party-advisory
x_refsource_SECUNIA
25746
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:9531
vdb-entry
signature
x_refsource_OVAL
20671
third-party-advisory
x_refsource_SECUNIA
20914
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now