Skip to main content

Improper Locking

CVE-2006-2275

Severity High
Score 7.5/10

Summary

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-667 - Improper Locking

The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References

Advisory Timeline

  • Published