Upstream information

CVE-2006-2274 at MITRE

Description

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 173800 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • Intel-536ep >= 4.69-14.5
  • kernel-bigsmp >= 2.6.13-15.10
  • kernel-bigsmp-nongpl >= 2.6.13-15.10
  • kernel-default >= 2.6.13-15.10
  • kernel-default-nongpl >= 2.6.13-15.10
  • kernel-iseries64 >= 2.6.13-15.10
  • kernel-ppc64 >= 2.6.13-15.10
  • kernel-smp >= 2.6.13-15.10
  • kernel-smp-nongpl >= 2.6.13-15.10
  • kernel-source >= 2.6.13-15.10
  • kernel-syms >= 2.6.13-15.10
  • kernel-um >= 2.6.13-15.10
  • kernel-um-nongpl >= 2.6.13-15.10
  • kernel-xen >= 2.6.13-15.10
  • kernel-xen-nongpl >= 2.6.13-15.10
  • um-host-kernel >= 2.6.13-15.10
Novell Linux Desktop 9 for x86_64
  • kernel-default >= 2.6.5-7.257
  • kernel-smp >= 2.6.5-7.257
  • kernel-source >= 2.6.5-7.257
  • kernel-syms >= 2.6.5-7.257
Builds
YOU Patch Nr: 10997
SUSE LINUX 9.3
  • Intel-536ep >= 4.69-10.6
  • kernel-bigsmp >= 2.6.11.4-21.12
  • kernel-bigsmp-nongpl >= 2.6.11.4-21.12
  • kernel-default >= 2.6.11.4-21.12
  • kernel-default-nongpl >= 2.6.11.4-21.12
  • kernel-docs >= 2.6.11.4-21.12
  • kernel-smp >= 2.6.11.4-21.12
  • kernel-smp-nongpl >= 2.6.11.4-21.12
  • kernel-source >= 2.6.11.4-21.12
  • kernel-syms >= 2.6.11.4-21.12
  • kernel-um >= 2.6.11.4-21.12
  • kernel-um-nongpl >= 2.6.11.4-21.12
  • kernel-xen >= 2.6.11.4-21.12
  • kernel-xen-nongpl >= 2.6.11.4-21.12
  • ltmodem >= 8.31a10-7.6
  • um-host-install-initrd >= 1.0-50.6
  • um-host-kernel >= 2.6.11.4-21.12
Novell Linux Desktop 9 for x86
  • kernel-bigsmp >= 2.6.5-7.257
  • kernel-default >= 2.6.5-7.257
  • kernel-smp >= 2.6.5-7.257
  • kernel-source >= 2.6.5-7.257
  • kernel-syms >= 2.6.5-7.257
Builds
YOU Patch Nr: 11001
Open Enterprise Server
  • kernel-bigsmp >= 2.6.5-7.257
  • kernel-debug >= 2.6.5-7.257
  • kernel-default >= 2.6.5-7.257
  • kernel-smp >= 2.6.5-7.257
  • kernel-source >= 2.6.5-7.257
  • kernel-syms >= 2.6.5-7.257
  • kernel-um >= 2.6.5-7.257
  • um-host-install-initrd >= 1.0-48.17
  • um-host-kernel >= 2.6.5-7.257
Builds
YOU Patch Nr: 11001