oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request -- Linux kernel: sctp: sk_ack_backlog wrap-around problem

From: cve-assign () mitre org
Date: Fri, 27 Jun 2014 11:26:30 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


sk_ack_backlog value is decremented for this socket, since the initial
value for sk_ack_backlog is 0, after the decrement, it will be 65535,
a wrap-around problem happens, and if we want to establish new
associations afterward in the same socket, ABORT would be triggered



A remote attacker can block further connection to the particular sctp
server socket by sending a specially crafted sctp packet.



https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3217b15a19a4779c39b212358a5c71d725822ee
https://bugzilla.redhat.com/show_bug.cgi?id=1113967


Use CVE-2014-4667.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTrYyvAAoJEKllVAevmvmspboH+wTd8u74TVDKGExKiL/GLx1n
uJoLaVZ0CmxnO5wEYcPZR1lcACTt9+01CxD8gwe+AFp+/4lcINvexZaGgG5lBHlY
C/D7YHxrHGPmMEwBj7Cb3E4Vo83MwDovCfK83lNprAG2QKVg54DbupzD+a5fWdH+
8blx0/2dJB8F1YgQd1osYghi+rZyHRwQZjR2VhyQYRTNEJHMjHAY8En+gfvgFMw+
3l+p0XfOvJHTqBk4QBFa7kslX8VWmY2gvWXv67iTjfOVlqrpVCkfFkpm2ofW/+CF
8sq1LFu3PT8EBvW4HSKS7+BYl5k/2oC7EWpstQBN34QBOK+2k9e1h3kj+QZ9KWA=
=U2mC
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: