Upstream information
Description
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 7.1 |
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
Note from the SUSE Security Team
This issue affects SUSE Linux products with kernels 2.6.11 and above. It seems however only exploitable to cause a denial of service, if an attacker has control over network availability. It also requires SCTP being configured and used. SUSE Bugzilla entry: 662192 [RESOLVED / FIXED]SUSE Security Advisories:
- SUSE-SA:2011:012, published Tue, 08 Mar 2011 15:00:00 +0000
- SUSE-SA:2011:015, published Thu, 24 Mar 2011 16:00:00 +0000 openSUSE-SU-2011:0159-1
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 08:19:26 2013CVE page last modified: Fri Dec 8 16:45:32 2023