CVE-2007-2876

CVE-2007-2876

EPSS 1.4%

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://marc.info/?l=linux-kernel&m=118128610219959&w=2 http://marc.info/?l=linux-kernel&m=118128622431272&w=2 http://osvdb.org/37112 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/25838 http://secunia.com/advisories/25961 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26289 http://secunia.com/advisories/26450 http://secunia.com/advisories/26620 http://secunia.com/advisories/26664