Back to search
CVE-2010-3432
Published: Nov 20, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
42789
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0024
vdb-entry
x_refsource_VUPEN
42778
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20100924 CVE Request -- Linux/SCTP DoS in sctp_packet_config()
mailing-list
x_refsource_MLIST
RHSA-2011:0004
vendor-advisory
x_refsource_REDHAT
USN-1000-1
vendor-advisory
x_refsource_UBUNTU
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
46397
third-party-advisory
x_refsource_SECUNIA
ADV-2010-3113
vdb-entry
x_refsource_VUPEN
SUSE-SA:2011:001
vendor-advisory
x_refsource_SUSE
RHSA-2010:0936
vendor-advisory
x_refsource_REDHAT
43480
vdb-entry
x_refsource_BID
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6
x_refsource_CONFIRM
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
RHSA-2010:0842
vendor-advisory
x_refsource_REDHAT
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
RHSA-2010:0958
vendor-advisory
x_refsource_REDHAT
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
[oss-security] 20100925 Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config()
mailing-list
x_refsource_MLIST
ADV-2011-0012
vdb-entry
x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=637675
x_refsource_CONFIRM
[netdev] 20100915 [PATCH] net: SCTP remote/local Denial of Service vulnerability description and fix
mailing-list
x_refsource_MLIST
42400
third-party-advisory
x_refsource_SECUNIA
DSA-2126
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now