Upstream information
Description
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 6.1 |
| Vector | AV:A/AC:L/Au:N/C:N/I:N/A:C |
| Access Vector | Adjacent Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
SUSE Security Advisories:
- SUSE-SA:2007:043, published Mon, 09 Jul 2007 13:00:00 +0000
- SUSE-SA:2007:051, published Thu, 06 Sep 2007 17:00:00 +0000
- SUSE-SA:2007:053, published Fri, 12 Oct 2007 16:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 03:52:02 2013CVE page last modified: Fri Dec 8 16:21:11 2023