Oval Definition:oval:org.mitre.oval:def:9531
Revision Date:2013-04-29Version:11
Title:Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
Description:Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-2274
Platform(s):CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • kernel-hugemem is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-hugemem-devel is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-smp-devel is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-largesmp-devel is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-devel is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-doc is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-largesmp is earlier than 0:2.6.9-34.0.1.EL
  • OR kernel-smp is earlier than 0:2.6.9-34.0.1.EL
    • BACK