Oval Definition:oval:org.opensuse.security:def:20084445
Revision Date:2015-11-16Version:1
Title:CVE-2008-4445
Description:
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-4445
Platform(s):openSUSE 11.0
Product(s):
Definition Synopsis
  • suse110 is installed
  • AND Package Information
  • kernel-debug less than 2.6.25.18-0.2
  • OR kernel-default less than 2.6.25.18-0.2
  • OR kernel-docs less than 2.6.25.18-0.2
  • OR kernel-kdump less than 2.6.25.18-0.2
  • OR kernel-pae less than 2.6.25.18-0.2
  • OR kernel-ppc64 less than 2.6.25.18-0.2
  • OR kernel-ps3 less than 2.6.25.18-0.2
  • OR kernel-rt less than 2.6.25.18-0.2
  • OR kernel-rt_debug less than 2.6.25.18-0.2
  • OR kernel-source less than 2.6.25.18-0.2
  • OR kernel-syms less than 2.6.25.18-0.2
  • OR kernel-vanilla less than 2.6.25.18-0.2
  • OR kernel-xen less than 2.6.25.18-0.2
    • BACK