Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 474016 (CVE-2013-2206) - Kernel : sctp: duplicate cookie handling NULL pointer dereference (CVE-2013-2206)
Summary: Kernel : sctp: duplicate cookie handling NULL pointer dereference (CVE-2013-2...
Alias: CVE-2013-2206
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
Depends on:
Reported: 2013-06-21 09:15 UTC by Agostino Sarubbo
Modified: 2016-12-07 04:17 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-06-21 09:15:07 UTC
From ${URL} :

A flaw was found in the way Linux kernel's SCTP network protocol implementation handled duplicate cookies. A transient empty association is created 
while processing the duplicate cookie chunk that userspace could query, potentially leading to NULL pointer dereference. A remote attacker able to 
initiate SCTP connection to the system could use this flaw to create transient conditions that could lead to remote system crash if remote system 
user is querying SCTP connection info at the time these conditions exist.

Upstream fix:
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:19:43 UTC
CVE-2013-2206 (
  The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP
  implementation in the Linux kernel before 3.8.5 does not properly handle
  associations during the processing of a duplicate COOKIE ECHO chunk, which
  allows remote attackers to cause a denial of service (NULL pointer
  dereference and system crash) or possibly have unspecified other impact via
  crafted SCTP traffic.