Intrusion Prevention

Linux.Kernel.Sctp_process_unk_param.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the Linux kernel.
The vulnerability is caused by an error when the sctp_process_unk_param function in net/sctp/sm_make_chunk.c handles a specially crafted SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. It allows a remote attacker to compromise a vulnerable system.

Affected Products

Linux kernel 2.6.33 and previous versions

Impact

Denial of service

Recommended Actions

Contact your vendor for upgrade or patch information.

CVE References

CVE-2010-1173