CVE-2010-3705
Published: 01 October 2010
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.
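A simplified user-space model of the flaw class described above, as an added example (not the kernel's code): a selection loop in which an out-of-range final element of the peer's list is skipped by the range check but still leaves the loop as the index to use, next to a hardened form. The table, its bound and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HMAC_ID_MAX 3            /* hypothetical table bound for this model */

/* Hypothetical table: a NULL name means "algorithm not available". */
static const char *const hmac_table[HMAC_ID_MAX + 1] = {
    NULL, "alg-1", NULL, "alg-3"
};

/* Flawed pattern: 'id' keeps the last value read from the peer, so an
 * out-of-range final element falls through to the caller as an index.
 * Returns the index the caller would dereference (0 = no match). */
int pick_index_flawed(const uint16_t *ids, size_t n)
{
    uint16_t id = 0;
    for (size_t i = 0; i < n; i++) {
        id = ids[i];
        if (id > HMAC_ID_MAX)
            continue;            /* skipped, but 'id' is left stale */
        if (hmac_table[id] == NULL)
            continue;
        break;
    }
    return id;
}

/* Hardened pattern: only an id that passed every check can leave the loop.
 * Returns a valid table index, or -1 when nothing is usable. */
int pick_index_checked(const uint16_t *ids, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint16_t id = ids[i];
        if (id <= HMAC_ID_MAX && hmac_table[id] != NULL)
            return id;
    }
    return -1;
}

int main(void)
{
    const uint16_t crafted[] = { 2, 0x4141 };   /* constructed sample input */
    int bad = pick_index_flawed(crafted, 2);
    printf("flawed index %d (table has %d entries)\n", bad, HMAC_ID_MAX + 1);
    printf("checked index %d\n", pick_index_checked(crafted, 2));
    return 0;
}
```

The flawed function only returns the index instead of dereferencing it, so the model shows the out-of-bounds value without performing the invalid read.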
From the Ubuntu security team
Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service.
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3705
- https://usn.ubuntu.com/usn/usn-1000-1
- https://usn.ubuntu.com/usn/usn-1074-1
- https://usn.ubuntu.com/usn/usn-1074-2
- https://usn.ubuntu.com/usn/usn-1083-1
- https://usn.ubuntu.com/usn/usn-1093-1
- https://usn.ubuntu.com/usn/usn-1119-1
- NVD
- Launchpad
- Debian