5
CVE-2006-2274
- EPSS 3.82%
- Veröffentlicht 09.05.2006 20:02:00
- Zuletzt bearbeitet 16.06.2026 22:24:41
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Lksctp ≫ Stream Control Transmission Protocol Version2.6.17
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.82% | 0.887 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://secunia.com/advisories/21476
http://secunia.com/advisories/20237
http://secunia.com/advisories/21745
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
http://www.redhat.com/support/errata/RHSA-2006-0493.html
http://secunia.com/advisories/20914
http://www.debian.org/security/2006/dsa-1103
http://www.vupen.com/english/advisories/2006/2554
http://secunia.com/advisories/20398
http://www.novell.com/linux/security/advisories/2006-05-31.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://secunia.com/advisories/20671
http://www.debian.org/security/2006/dsa-1097
http://secunia.com/advisories/21045
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://secunia.com/advisories/20716
http://www.ubuntu.com/usn/usn-302-1
http://www.trustix.org/errata/2006/0026
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=672e7cca17ed6036a1756ed34cf20dbd72d5e5f6
http://www.osvdb.org/25746
http://www.securityfocus.com/bid/17955
https://exchange.xforce.ibmcloud.com/vulnerabilities/26432
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9531