Back to search
CVE-2014-5077
Published: Aug 1, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
60545
third-party-advisory
x_refsource_SECUNIA
62563
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2014:1316
vendor-advisory
x_refsource_SUSE
USN-2335-1
vendor-advisory
x_refsource_UBUNTU
USN-2334-1
vendor-advisory
x_refsource_UBUNTU
60430
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2014:1319
vendor-advisory
x_refsource_SUSE
60564
third-party-advisory
x_refsource_SECUNIA
RHSA-2014:1083
vendor-advisory
x_refsource_REDHAT
[oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference
mailing-list
x_refsource_MLIST
USN-2359-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2014:1763
vendor-advisory
x_refsource_REDHAT
59777
third-party-advisory
x_refsource_SECUNIA
RHSA-2014:1668
vendor-advisory
x_refsource_REDHAT
linux-kernel-cve20145077-dos(95134)
vdb-entry
x_refsource_XF
1030681
vdb-entry
x_refsource_SECTRACK
USN-2358-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1122982
x_refsource_CONFIRM
60744
third-party-advisory
x_refsource_SECUNIA
68881
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now