SecurityTracker.com

Category:   OS (Linux)  >   Linux Kernel
Vendors:   kernel.org
Linux Kernel SCTP Null Pointer Dereference Lets Remote Users Deny Service
SecurityTracker Alert ID:  1030681
SecurityTracker URL:  http://securitytracker.com/id/1030681
CVE Reference:   CVE-2014-5077
Date:  Aug 6 2014
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in the Linux Kernel. A remote user can cause denial of service conditions.

On systems with SCTP authentication enabled, a remote user can send specially crafted SCTP data to trigger a null pointer dereference in the sctp_assoc_update() function in 'net/sctp/associola.c' and cause the target system to crash.

The vulnerability can be triggered when simultaneous new connections are initiated between the same pair of systems.

Impact:   A remote user can cause the target system to crash.
Solution:   The vendor has issued a source code fix, available at:

https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa

Vendor URL:  www.kernel.org/
Cause:   Access control error
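
The description limits the issue to systems with SCTP authentication enabled. The following added example (not part of the original advisory or the vendor fix) reports whether a host meets that precondition by reading the `net.sctp.auth_enable` sysctl; the function name, its output strings and the optional proc-root argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report whether this host meets the advisory's precondition
# (SCTP registered and SCTP authentication enabled). It does not tell you
# whether the running kernel carries the fix; confirm that from the vendor's
# kernel changelog. The optional proc-root argument exists only for testing.

sctp_auth_exposure() {
    root="${1:-/proc}"
    sysctl_dir="$root/sys/net/sctp"

    # The sysctl directory appears once SCTP is registered, whether it was
    # loaded as a module or built into the kernel.
    if [ ! -d "$sysctl_dir" ]; then
        # A module present on disk can still be auto-loaded on first use,
        # so "not loaded" is not the same as "cannot be reached".
        echo "sctp-not-loaded"
        return 0
    fi

    if [ ! -r "$sysctl_dir/auth_enable" ]; then
        echo "unknown"
        return 0
    fi

    # Strip whitespace, then treat any non-zero integer as enabled.
    value=$(tr -d '[:space:]' < "$sysctl_dir/auth_enable")
    case "$value" in
        0)            echo "auth-disabled" ;;
        ''|*[!0-9]*)  echo "unknown" ;;
        *)            echo "auth-enabled" ;;
    esac
    return 0
}

# Stand-alone use: check the live system, or a proc root given as $1.
sctp_auth_exposure "${1:-/proc}"
```

The sysctl is read from the current network namespace only, so run the check inside each namespace that terminates SCTP traffic.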

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 23 2014 (Red Hat Issues Fix) Linux Kernel SCTP Null Pointer Dereference Lets Remote Users Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6.5.
Oct 30 2014 (Red Hat Issues Fix) Linux Kernel SCTP Null Pointer Dereference Lets Remote Users Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Oct 31 2014 (Red Hat Issues Fix) Linux Kernel SCTP Null Pointer Dereference Lets Remote Users Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6.2.
Nov 19 2014 (Red Hat Issues Fix) Linux Kernel SCTP Null Pointer Dereference Lets Remote Users Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6.4.



 Source Message Contents

Subject:  Re: [oss-security] Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference

On 07/26/2014 04:21 AM, cve-assign@mitre.org wrote:
...
> Use CVE-2014-5077 for this issue in the sctp_assoc_update function in
> net/sctp/associola.c (not yet patched at
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/sctp/associola.c).

It's currently in the -net tree [1], I expect a pull request for
mainline to happen quite soon.

Cheers,

Daniel

   [1] http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=1be9a950c646c9092fb3618197f7b6bfb50e82aa
 
 


Copyright 2019, SecurityGlobal.net LLC