CVE-2018-5803

Published: Jun 12, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

Vendor	Product	Versions
Linux Foundation	Linux Kernel	affected `Before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102.`

References

81331

third-party-advisory

x_refsource_SECUNIA

RHSA-2018:3083

vendor-advisory

x_refsource_REDHAT

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25

x_refsource_CONFIRM

DSA-4187

vendor-advisory

x_refsource_DEBIAN

USN-3654-1

vendor-advisory

x_refsource_UBUNTU

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51

x_refsource_CONFIRM

RHSA-2018:1854

vendor-advisory

x_refsource_REDHAT

USN-3697-1

vendor-advisory

x_refsource_UBUNTU

https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102

x_refsource_CONFIRM

DSA-4188

vendor-advisory

x_refsource_DEBIAN

[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information

mailing-list

x_refsource_MLIST

RHSA-2018:2948

vendor-advisory

x_refsource_REDHAT

USN-3697-2

vendor-advisory

x_refsource_UBUNTU

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c

x_refsource_CONFIRM

[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending

mailing-list

x_refsource_MLIST

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87

x_refsource_CONFIRM

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8

x_refsource_CONFIRM

USN-3654-2

vendor-advisory

x_refsource_UBUNTU

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121

x_refsource_CONFIRM

USN-3698-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update

mailing-list

x_refsource_MLIST

USN-3656-1

vendor-advisory

x_refsource_UBUNTU

https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/

x_refsource_MISC

RHSA-2018:3096

vendor-advisory

x_refsource_REDHAT

USN-3698-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2019:0641

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-5803

Description

Affected Products

References