CVE Vulnerabilities

CVE-2008-3526

Published: Aug 27, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.24 2.6.24
Linux_kernel Linux 2.6.24 2.6.24
Linux_kernel Linux 2.6.24 2.6.24
Linux_kernel Linux 2.6.24.1 2.6.24.1
Linux_kernel Linux 2.6.24.2 2.6.24.2
Linux_kernel Linux 2.6.24.3 2.6.24.3
Linux_kernel Linux 2.6.24.4 2.6.24.4
Linux_kernel Linux 2.6.24.5 2.6.24.5
Linux_kernel Linux 2.6.24.6 2.6.24.6
Linux_kernel Linux 2.6.24.7 2.6.24.7
Linux_kernel Linux 2.6.24_rc1 2.6.24_rc1
Linux_kernel Linux 2.6.24_rc4 2.6.24_rc4
Linux_kernel Linux 2.6.24_rc5 2.6.24_rc5
Linux_kernel Linux 2.6.25 2.6.25
Linux_kernel Linux 2.6.25.1 2.6.25.1
Linux_kernel Linux 2.6.25.2 2.6.25.2
Linux_kernel Linux 2.6.25.3 2.6.25.3
Linux_kernel Linux 2.6.25.4 2.6.25.4
Linux_kernel Linux 2.6.25.5 2.6.25.5
Linux_kernel Linux 2.6.25.6 2.6.25.6
Linux_kernel Linux 2.6.25.7 2.6.25.7
Linux_kernel Linux 2.6.25.8 2.6.25.8
Linux_kernel Linux 2.6.25.9 2.6.25.9
Linux_kernel Linux 2.6.25.10 2.6.25.10
Linux_kernel Linux 2.6.25.11 2.6.25.11
Linux_kernel Linux 2.6.25.12 2.6.25.12
Linux_kernel Linux 2.6.25.13 2.6.25.13
Linux_kernel Linux 2.6.25.14 2.6.25.14
Linux_kernel Linux 2.6.25.15 2.6.25.15
Linux_kernel Linux 2.6.26 2.6.26
Linux_kernel Linux 2.6.26.1 2.6.26.1
Linux_kernel Linux 2.6.26.2 2.6.26.2
Linux_kernel Linux 2.6.26.3 2.6.26.3
MRG for RHEL-5 RedHat kernel-rt-0:2.6.24.7-81.el5rt *
Linux Ubuntu hardy *
Linux Ubuntu upstream *
Linux-source-2.6.15 Ubuntu upstream *
Linux-source-2.6.20 Ubuntu upstream *
Linux-source-2.6.22 Ubuntu upstream *

References