Your submission was sent successfully! Close

CVE-2011-4348

Published: 8 June 2013

Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.

Notes

AuthorNote
mdeslaur
RH specific?
apw
this is a fix for the fix for CVE-2011-2482.  That CVE was introduced
in a flawed backport of a v2.6.21 feature and therefore we did not
have this backport.  By induction we are not affected by this one.
Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

upstream Not vulnerable

linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Not vulnerable

natty Does not exist

oneiric Does not exist

precise Does not exist

upstream Not vulnerable

linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

upstream Not vulnerable