7.8

CVE-2010-3432

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.35.6
OpensuseOpensuse Version11.3
SuseLinux Enterprise Real Time Extension Version11 Updatesp1
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04 SwEdition-
CanonicalUbuntu Linux Version9.04
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.54% 0.918
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/46397
Third Party Advisory
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-1000-1
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0298
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42778
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0012
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0842.html
Third Party Advisory
http://www.debian.org/security/2010/dsa-2126
Third Party Advisory
http://secunia.com/advisories/42400
Third Party Advisory
http://secunia.com/advisories/42789
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0936.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0958.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0004.html
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3113
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0024
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab
http://marc.info/?l=linux-netdev&m=128453869227715&w=3
Patch
Third Party Advisory
Mailing List
http://marc.info/?l=oss-security&m=128534569803598&w=2
Patch
Third Party Advisory
Mailing List
http://marc.info/?l=oss-security&m=128537701808336&w=2
Patch
Third Party Advisory
Mailing List
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6
Broken Link
http://www.securityfocus.com/bid/43480
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=637675
Third Party Advisory
Issue Tracking