Lucene search
F5F5:K15910HistorySep 16, 2015 - 12:00 a.m.
K15910 : Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687
2015-09-1600:00:00
my.f5.com
31
Security Advisory Description
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
Impact
Remote attackers may be able to cause a denial-of-service (DoS) using malformed or duplicate ASCONF chunk.
Related
nessus
nessus
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3089)
2014-11-19 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3088)
2014-11-14 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2014-3087)
2014-11-14 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2014-11-13 00:00:00
Unbreakable Enterprise kernel security update
2014-11-13 00:00:00
Unbreakable Enterprise kernel security update
2014-11-13 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2014-3089)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2014-3088)
2015-10-06 00:00:00
f5
f5
SOL15910 - Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687
2014-12-15 00:00:00
SOL16016 - Linux kernel SCTP vulnerability CVE-2014-7841
2015-01-21 00:00:00
redhat
redhat
(RHSA-2015:0115) Important: kernel security update
2015-02-03 00:00:00
(RHSA-2015:0043) Important: kernel security and bug fix update
2015-01-13 00:00:00
(RHSA-2015:0062) Important: kernel security, bug fix, and enhancement update
2015-01-20 00:00:00
prion
prion
Code injection
2014-11-10 11:55:00
Code injection
2014-11-10 11:55:00
nvd
nvd
CVE-2014-3673
2014-11-10 11:55:06
CVE-2014-3687
2014-11-10 11:55:06
debiancve
debiancve
CVE-2014-3687
2014-11-10 11:55:06
CVE-2014-3673
2014-11-10 11:55:06
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Chunk Parameter Padding Denial of Service (CVE-2014-3673)
2015-04-08 00:00:00
cve
cve
CVE-2014-3673
2014-11-10 11:55:06
CVE-2014-3687
2014-11-10 11:55:06
ubuntucve
ubuntucve
CVE-2014-3687
2014-11-10 00:00:00
CVE-2014-3673
2014-11-10 00:00:00
cvelist
cvelist
CVE-2014-3687
2014-11-10 11:00:00
CVE-2014-3673
2014-11-10 11:00:00
suse
suse
Security update for Linux Kernel (important)
2014-12-21 13:12:48
Security update for the Linux Kernel (important)
2015-03-18 22:04:55
Security update for the Linux Kernel (important)
2015-01-30 11:04:56
centos
centos
kernel, perf, python security update
2014-12-17 12:13:22
kernel, perf, python security update
2014-12-10 12:48:13
securityvulns
securityvulns
[USN-2441-1] Linux kernel vulnerabilities
2014-12-21 00:00:00
[SECURITY] [DSA 3060-1] linux security update
2014-11-03 00:00:00
[ MDVSA-2014:230 ] kernel
2014-11-30 00:00:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-12-12 00:00:00
Linux kernel vulnerabilities
2014-12-12 00:00:00
Linux kernel vulnerabilities
2014-12-12 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: kernel-3.17.2-300.fc21
2014-11-03 05:23:10
[SECURITY] Fedora 20 Update: kernel-3.16.6-202.fc20
2014-10-28 06:43:09
[SECURITY] Fedora 20 Update: kernel-3.16.6-203.fc20
2014-10-28 06:44:32
osv
osv
linux - security update
2014-10-31 00:00:00
linux-2.6 - security update
2014-12-21 00:00:00
debian
debian
[SECURITY] [DSA 3060-1] linux security update
2014-10-31 15:41:41
[SECURITY] [DSA 3060-1] linux security update
2014-10-31 15:41:41
[SECURITY] [DLA 118-1] linux-2.6 security update
2014-12-21 17:45:48