The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
References
Link | Resource |
---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729 | |
http://rhn.redhat.com/errata/RHSA-2014-0328.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0419.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0432.html | Third Party Advisory |
http://secunia.com/advisories/59216 | Third Party Advisory |
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2014/03/04/6 | Mailing List Patch Third Party Advisory |
http://www.securityfocus.com/bid/65943 | Third Party Advisory VDB Entry |
http://www.ubuntu.com/usn/USN-2173-1 | Third Party Advisory |
http://www.ubuntu.com/usn/USN-2174-1 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1070705 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729 | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2014-03-11 13:01
Updated : 2024-02-28 12:20
NVD link : CVE-2014-0101
Mitre link : CVE-2014-0101
CVE.ORG link : CVE-2014-0101
JSON object : View
Products Affected
redhat
- enterprise_linux_eus
- enterprise_linux_server_aus
- enterprise_linux_desktop
- enterprise_linux_server_tus
- enterprise_linux_workstation
- enterprise_linux_server
f5
- big-ip_advanced_firewall_manager
- big-ip_local_traffic_manager
- big-ip_protocol_security_module
- big-iq_cloud
- big-ip_application_acceleration_manager
- big-ip_webaccelerator
- big-ip_link_controller
- big-iq_security
- big-ip_edge_gateway
- big-ip_wan_optimization_manager
- big-iq_centralized_management
- big-ip_global_traffic_manager
- big-iq_device
- big-ip_enterprise_manager
- big-ip_application_security_manager
- big-iq_adc
- big-ip_analytics
- big-ip_access_policy_manager
- big-ip_policy_enforcement_manager
canonical
- ubuntu_linux
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference