The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
2014-03-11T13:01:06.733
2025-04-12T10:46:40.837
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | linux | linux_kernel | < 3.2.56 | Yes |
Operating System | linux | linux_kernel | < 3.4.84 | Yes |
Operating System | linux | linux_kernel | < 3.10.34 | Yes |
Operating System | linux | linux_kernel | < 3.12.15 | Yes |
Operating System | linux | linux_kernel | < 3.13.7 | Yes |
Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
Operating System | redhat | enterprise_linux_eus | 6.3 | Yes |
Operating System | redhat | enterprise_linux_eus | 6.4 | Yes |
Operating System | redhat | enterprise_linux_eus | 6.5 | Yes |
Operating System | redhat | enterprise_linux_server | 6.0 | Yes |
Operating System | redhat | enterprise_linux_server_aus | 6.4 | Yes |
Operating System | redhat | enterprise_linux_server_aus | 6.5 | Yes |
Operating System | redhat | enterprise_linux_server_tus | 6.5 | Yes |
Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |
Operating System | canonical | ubuntu_linux | 10.04 | Yes |
Application | f5 | big-ip_access_policy_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_advanced_firewall_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_analytics | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_application_acceleration_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_application_security_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_edge_gateway | ≤ 11.3.0 | Yes |
Application | f5 | big-ip_enterprise_manager | ≤ 2.3.0 | Yes |
Application | f5 | big-ip_enterprise_manager | ≤ 3.1.1 | Yes |
Application | f5 | big-ip_global_traffic_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_link_controller | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_local_traffic_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_policy_enforcement_manager | ≤ 11.5.3 | Yes |
Application | f5 | big-ip_protocol_security_module | ≤ 11.4.1 | Yes |
Application | f5 | big-ip_wan_optimization_manager | ≤ 11.3.0 | Yes |
Application | f5 | big-ip_webaccelerator | ≤ 11.3.0 | Yes |
Application | f5 | big-iq_adc | 4.5.0 | Yes |
Application | f5 | big-iq_centralized_management | 4.6.0 | Yes |
Application | f5 | big-iq_cloud | ≤ 4.5.0 | Yes |
Application | f5 | big-iq_device | ≤ 4.5.0 | Yes |
Application | f5 | big-iq_security | ≤ 4.5.0 | Yes |