Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 312477

Summary: Kernel: SCTP DoS (CVE-2010-0008)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=555658
Whiteboard: [linux < 2.6.23]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-03-31 19:28:23 UTC 
CVE-2010-0008 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0008):
  The SCTP implementation in the Linux kernel before 2.6.23 allows
  remote attackers to cause a denial of service (infinite loop) via (1)
  an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.