Synopsis :
It is possible to crash the remote host by sending it an SCTP packet.
Description :
There is a flaw in the SCTP code included in Linux kernel versions
2.6.16.x that results in a kernel panic when an SCTP packet with an
unexpected ECNE chunk is received in a CLOSED state. An attacker can
leverage this flaw to crash the remote host with a single, possibly
forged, packet.
See also :
http://labs.musecurity.com/advisories/MU-200605-01.txt
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17
Solution :
Upgrade to Linux kernel version 2.6.17 or later.
Risk factor :
Low / CVSS Base Score : 3.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N)
|