Bug 191259 - CVE-2006-2275 SCTP receive buffer DoS
CVE-2006-2275 SCTP receive buffer DoS
Status: CLOSED DUPLICATE of bug 187494
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Neil Horman
Brian Brock
impact=moderate,source=vendorsec,repo...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-10 04:01 EDT by Marcel Holtmann
Modified: 2007-11-30 17:07 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-10 11:13:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marcel Holtmann 2006-05-10 04:01:10 EDT
Linux SCTP before 2.6.17 allows remote attackers to cause a denial of service
via a large number of small messages to a receiver application that cannot
process the messages quickly enough, which leads to "spillover of the receive
buffer."

This issue hasn't been reproduced with RHEL4, but the vulnerable code is the
same as upstream.

The upstream fix can be found here:

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5
Comment 1 Neil Horman 2006-05-10 11:13:39 EDT

*** This bug has been marked as a duplicate of 187494 ***

Note You need to log in before you can comment on or make changes to this bug.