ID CVE-2006-2274
Summary Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
References
Vulnerable Configurations
  • cpe:2.3:a:lksctp:stream_control_transmission_protocol:2.6.17:*:*:*:*:*:*:*
    cpe:2.3:a:lksctp:stream_control_transmission_protocol:2.6.17:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
accepted 2013-04-29T04:20:03.122-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
family unix
id oval:org.mitre.oval:def:9531
status accepted
submitted 2010-07-09T03:56:16-04:00
title Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
version 29
redhat via4
advisories
bugzilla
id 191524
title CVE-2006-1856 LSM missing readv/writev
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304025
    • OR
      • comment kernel earlier than 0:2.6.9-34.0.1.EL is currently running
        oval oval:com.redhat.rhsa:tst:20060493019
      • comment kernel earlier than 0:2.6.9-34.0.1.EL is set to boot up on next boot
        oval oval:com.redhat.rhsa:tst:20060493020
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493001
        • comment kernel is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304002
      • AND
        • comment kernel-devel is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493003
        • comment kernel-devel is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304004
      • AND
        • comment kernel-doc is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493005
        • comment kernel-doc is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304006
      • AND
        • comment kernel-hugemem is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493007
        • comment kernel-hugemem is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304008
      • AND
        • comment kernel-hugemem-devel is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493009
        • comment kernel-hugemem-devel is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304010
      • AND
        • comment kernel-largesmp is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493011
        • comment kernel-largesmp is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304012
      • AND
        • comment kernel-largesmp-devel is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493013
        • comment kernel-largesmp-devel is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304014
      • AND
        • comment kernel-smp is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493015
        • comment kernel-smp is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304016
      • AND
        • comment kernel-smp-devel is earlier than 0:2.6.9-34.0.1.EL
          oval oval:com.redhat.rhsa:tst:20060493017
        • comment kernel-smp-devel is signed with Red Hat master key
          oval oval:com.redhat.rhba:tst:20070304018
rhsa
id RHSA-2006:0493
released 2006-05-24
severity Important
title RHSA-2006:0493: kernel security update (Important)
rpms
  • kernel-0:2.6.9-34.0.1.EL
  • kernel-debuginfo-0:2.6.9-34.0.1.EL
  • kernel-devel-0:2.6.9-34.0.1.EL
  • kernel-doc-0:2.6.9-34.0.1.EL
  • kernel-hugemem-0:2.6.9-34.0.1.EL
  • kernel-hugemem-devel-0:2.6.9-34.0.1.EL
  • kernel-largesmp-0:2.6.9-34.0.1.EL
  • kernel-largesmp-devel-0:2.6.9-34.0.1.EL
  • kernel-smp-0:2.6.9-34.0.1.EL
  • kernel-smp-devel-0:2.6.9-34.0.1.EL
refmap via4
bid 17955
confirm
debian
  • DSA-1097
  • DSA-1103
mandriva
  • MDKSA-2006:123
  • MDKSA-2006:150
osvdb 25746
secunia
  • 20237
  • 20398
  • 20671
  • 20716
  • 20914
  • 21045
  • 21476
  • 21745
suse SUSE-SA:2006:028
trustix 2006-0026
ubuntu USN-302-1
vupen ADV-2006-2554
xf linux-sctp-skb-pull-dos(26432)
Last major update 11-10-2017 - 01:30
Published 09-05-2006 - 20:02
Last modified 11-10-2017 - 01:30
Back to Top