The Stream Control Transmission Protocol (sctp) implementation in the
Linux kernel before 2.6.27 does not properly handle a protocol
violation in which a parameter has an invalid length, which allows
attackers to cause a denial of service (panic) via unspecified
vectors, related to sctp_sf_violation_paramlen,
sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect
data types in function calls.