oss-sec mailing list archives
CVE request Linux Kernel: net: SCTP: NULL pointer dereference
From: P J P <ppandit () redhat com>
Date: Thu, 24 Jul 2014 19:30:10 +0530 (IST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,Linux kernel built with the support for Stream Control Transmission Protocol (CONFIG_IP_SCTP) is vulnerable to a NULL pointer dereference flaw. It could occur when simultaneous new connections are initiated between a same pair of hosts.
A remote user/program could use this flaw to crash the system kernel resulting in DoS. Upstream fix: - ------------- -> http://patchwork.ozlabs.org/patch/372475/ Thank you. - -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJT0RFqAAoJEN0TPTL+WwQfGG8P/jDznmANj2c3rVe0Sx3BaxRX zwbkaqg3eiKiqmBh+Wnf+n6tDsvGA2TUYAF+lqOEM5twJee89Z+WtTRoI6+6MMCE AwiohGZyIIutPYwVmZk1lgWnbiVb7jLpoU225ztzMKGuPCO+kDwvFyjmXK6XsfrW ww02NoJjysibS/OteJ9gDGbbGVmWuAly+IhwURTLTeuUBmfnV2vO1nFNT9WzWjpU 30Cw09Kac47UvW2RvQLOi+elTl36oTKjbFPp2So8LYxEvaxakooI7w8y7OtSYMxG b3IHIDzgsbQTXFTQzp9mSSymHkAKGMtMpjqBPB8AHk5yVYWF4WM2Rx5vagTyqWUp TcwbP9OloND+AoTsWabKyIwIzElnw2xaNEWXU4CxagDookPx+CqLLJF5abRDUlK7 T+/LIpCMtZnRuJF0CQedMSOBCie9zRgdwesmRdtvRBpQ4JzpwFOlFoKbkDtSSvXd 9ArbbJHst4uuGEjih2PWRL6OCigk+a3mmXmcGtAChbuouW26dOPfOSbXO+0WpC0K YNpttf/9cudRVows1/iS249prMrJvwktvCBiPOOMK4hDUAp+Q7w7XIWmSOlmD4Fd 7IlzylhC79eUN26bhm19pMtEFkz0K5l/t1HrAgZ91htWuT8sxtBu2uYKivk8rIiH LgN0haqjXaAYidUwDO+b =T+/w -----END PGP SIGNATURE-----
Current thread:
- CVE request Linux Kernel: net: SCTP: NULL pointer dereference P J P (Jul 24)
- Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference cve-assign (Jul 25)
- Re: Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference Daniel Borkmann (Jul 26)
- Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference cve-assign (Jul 25)