CVE-2013-5209
Publication date 29 August 2013
Last updated 24 July 2024
Ubuntu priority
The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by reading packet data in INIT-ACK chunks.
Status
Package | Ubuntu Release | Status |
---|---|---|
kfreebsd-8 | ||
Patch details
Package | Patch details |
---|---|
kfreebsd-8 |