CVE-2014-4667
Summary
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
- LOW
- NETWORK
- NONE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published