5

CVE-2014-4667

The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.15.2
SuseLinux Enterprise Desktop Version11 Updatesp3
SuseLinux Enterprise Real Time Extension Version11 Updatesp3
SuseLinux Enterprise Server Version10 Updatesp4 SwEditionltss
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatform-
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatformvmware
CanonicalUbuntu Linux Version12.04 SwEditionesm
DebianDebian Linux Version7.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.93% 0.923
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/59777
Third Party Advisory
http://secunia.com/advisories/60564
Third Party Advisory
http://www.ubuntu.com/usn/USN-2334-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2335-1
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2
Vendor Advisory
Release Notes
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d3217b15a19a4779c39b212358a5c71d725822ee
http://linux.oracle.com/errata/ELSA-2014-3068.html
Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-3069.html
Third Party Advisory
http://secunia.com/advisories/59790
Third Party Advisory
http://secunia.com/advisories/60596
Third Party Advisory
http://www.debian.org/security/2014/dsa-2992
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/06/27/11
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/68224
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1113967
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/d3217b15a19a4779c39b212358a5c71d725822ee
Patch
Third Party Advisory