The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2008-10-21 00:10
Updated : 2024-02-04 17:33
NVD link : CVE-2008-4618
Mitre link : CVE-2008-4618
CVE.ORG link : CVE-2008-4618
JSON object : View
Products Affected
linux
- linux_kernel
CWE