Summary
This host runs a Linux kernel whose Stream Control Transmission Protocol (SCTP) implementation is prone to a protocol violation vulnerability.
Impact
Successful attacks result in a denial of service via kernel-related vectors.
Impact Level: System
Solution
Upgrade to Linux kernel 2.6.27, or apply the patch available from the link below:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=ba0166708ef4da7eeb61dd92bbba4d5a749d6561
*****
NOTE: Ignore this warning if the patch is already applied.
*****
Insight
The flaw involves the 'sctp_paramhdr' parameter used by the sctp_sf_violation_paramlen, sctp_sf_abort_violation, and sctp_make_abort_violation functions (in the sm.h, sm_make_chunk.c, and sm_statefunc.c files), which is passed with an invalid length and with incorrect data types in function calls.
Affected
Linux kernel versions before 2.6.27 on all Linux platforms.
References
Severity
Classification
- CVE: CVE-2008-4618
- CVSS Base Score: 7.8
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C