7.5

CVE-2006-2275

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version5.04
CanonicalUbuntu Linux Version5.10
CanonicalUbuntu Linux Version6.06
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.29% 0.869
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

http://secunia.com/advisories/21465
Broken Link
http://secunia.com/advisories/22417
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0575.html
Broken Link
http://secunia.com/advisories/20716
Broken Link
http://www.ubuntu.com/usn/usn-302-1
Third Party Advisory
http://www.trustix.org/errata/2006/0026
Broken Link
http://www.securityfocus.com/bid/17955
Third Party Advisory
Broken Link
VDB Entry
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/26433
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11295
Broken Link