The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
(
CVE-2014-7841
)
Impact
Remote attackers may be able to cause a denial-of-service (DoS) using malformed ASCONF INIT chunk.