LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2008-4576
Created:October 21, 2008 Updated:January 22, 2009
Description: From the CVE entry: sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.
Alerts:
CentOS CESA-2008:1017 2008-12-17
Red Hat RHSA-2008:1017-01 2008-12-16
Debian DSA-1687-1 2008-12-15
Debian DSA-1681-1 2008-12-04
Ubuntu USN-679-1 2008-11-27
SuSE SUSE-SR:2008:025 2008-11-14
SuSE SUSE-SA:2008:053 2008-10-27
Fedora FEDORA-2008-8929 2008-10-23
Fedora FEDORA-2008-8980 2008-10-23
SuSE SUSE-SA:2008:052 2008-10-21
Red Hat RHSA-2009:0009-02 2009-01-22
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds