TITLE:
Linux Kernel SCTP Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA19990

VERIFY ADVISORY:
http://secunia.com/advisories/19990/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/

DESCRIPTION:
Mu Security research team has reported two vulnerabilities in Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An incorrect use of state table entries in the SCTP code when certain ECNE chunks are received in CLOSED state can be exploited to cause kernel panic via a specially crafted packet.

2) An error in the handling of incoming IP-fragmented SCTP control chunks can be exploited to cause kernel panic via specially crafted packets.

The vulnerabilities have been reported in version 2.6.16. Other versions may also be affected.

SOLUTION:
The vulnerabilities have been fixed in the CVS repositories, and will reportedly be fixed in version 2.6.17.

PROVIDED AND/OR DISCOVERED BY:
Mu Security research team

ORIGINAL ADVISORY:
http://labs.musecurity.com/advisories/MU-200605-01.txt

Kernel.org:
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
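Added example, not part of the Secunia advisory or the Mu Security report: a stateless triage check that tags captured IPv4 packets carrying the two traffic shapes named in the description, an SCTP ECNE chunk (issue 1) and IP-fragmented SCTP (issue 2). Assumptions: SCTP is IP protocol 132 and ECNE is chunk type 12 per RFC 4960; the function names, tag strings and sample packets are constructed for illustration. ECNE chunks are normal on established associations, so a tag marks a packet for review against association state and is not proof of an attempt.

```python
import struct

IPPROTO_SCTP = 132  # IANA protocol number for SCTP
CHUNK_ECNE = 12     # ECN Echo chunk type (RFC 4960)

def triage_ipv4_packet(pkt: bytes) -> list:
    """Return triage tags for one raw IPv4 packet (no link-layer header)."""
    tags = []
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return tags
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl or pkt[9] != IPPROTO_SCTP:
        return tags
    flags_frag = struct.unpack_from("!H", pkt, 6)[0]
    frag_offset = flags_frag & 0x1FFF
    if flags_frag & 0x2000 or frag_offset:   # MF bit set or non-zero offset
        tags.append("fragmented-sctp")       # relevant to issue 2
    if frag_offset:
        return tags                          # later fragment: no SCTP header to parse
    sctp, pos = pkt[ihl:], 12                # chunks follow the 12-byte common header
    while pos + 4 <= len(sctp):
        ctype, _flags, clen = struct.unpack_from("!BBH", sctp, pos)
        if clen < 4:                         # length must cover the chunk header
            tags.append("malformed-chunk-length")
            break
        if ctype == CHUNK_ECNE and "ecne-chunk" not in tags:
            tags.append("ecne-chunk")        # relevant to issue 1
        pos += (clen + 3) & ~3               # chunks are padded to 4 bytes
    return tags

def build_ipv4(payload: bytes, flags_frag: int = 0, proto: int = IPPROTO_SCTP) -> bytes:
    """Constructed test packet: minimal IPv4 header (checksum left 0) + payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, flags_frag,
                       64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

SCTP_HDR = struct.pack("!HHII", 5000, 5001, 0, 0)   # ports, verification tag, checksum
ECNE = struct.pack("!BBHI", CHUNK_ECNE, 0, 8, 1)     # type, flags, length, lowest TSN
COOKIE_ACK = struct.pack("!BBH", 11, 0, 4)           # unrelated control chunk

if __name__ == "__main__":
    for name, pkt in [("ecne", build_ipv4(SCTP_HDR + ECNE)),
                      ("cookie-ack", build_ipv4(SCTP_HDR + COOKIE_ACK)),
                      ("first fragment", build_ipv4(SCTP_HDR + ECNE, 0x2000)),
                      ("later fragment", build_ipv4(b"\x00" * 16, 0x0002))]:
        print(name, triage_ipv4_packet(pkt))
```
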