5

CVE-2006-2274

EPSS 9.3%
Published 09.05.2006 20:02:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.

Affected products Warnungen 0 Metrics 2 CWE 0 References 26

Data is provided by the National Vulnerability Database (NVD)

Lksctp ≫ Stream Control Transmission Protocol Version2.6.17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.3%	0.924

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/21476

http://secunia.com/advisories/20237

http://secunia.com/advisories/21745

http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

http://www.redhat.com/support/errata/RHSA-2006-0493.html

http://secunia.com/advisories/20914

http://www.debian.org/security/2006/dsa-1103

http://www.vupen.com/english/advisories/2006/2554

http://secunia.com/advisories/20398

http://www.novell.com/linux/security/advisories/2006-05-31.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:150

http://secunia.com/advisories/20671

http://www.debian.org/security/2006/dsa-1097

http://secunia.com/advisories/21045

http://www.mandriva.com/security/advisories?name=MDKSA-2006:123

http://secunia.com/advisories/20716

http://www.ubuntu.com/usn/usn-302-1

http://www.trustix.org/errata/2006/0026

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=672e7cca17ed6036a1756ed34cf20dbd72d5e5f6

http://www.osvdb.org/25746

http://www.securityfocus.com/bid/17955

https://exchange.xforce.ibmcloud.com/vulnerabilities/26432

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9531

https://nvd.nist.gov/vuln/detail/CVE-2006-2274

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2274

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2274

EUVD