The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 02:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2008-10-21 00:10
Updated : 2024-02-28 11:21
NVD link : CVE-2008-4618
Mitre link : CVE-2008-4618
CVE.ORG link : CVE-2008-4618
JSON object : View
Products Affected
linux
- linux_kernel
CWE