Close Panel

1

May

2009

Linux Kernel 2.6.x SCTP FWD Memory Corruption

By IPSECS Admin. Posted in Exploitation | Comments Off

Common Vulnerabilities and Exposures

http://cve.mitre.org/cgi-bi/cvename.cgi?name=CVE-2009-0065

“Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. “

Ubuntu Security Notice USN-751-1

http://www.ubuntu.com/usn/usn-751-1

“The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)”

RedHat Security Advisory

http://rhn.redhat.com/errata/RHSA-2009-0331.html

“a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important) ”

Read more »