Linux Kernel 2.6.16.13 Multiple SCTP Remote Denial of Service Vulnerabilities
BID: 17955
Info
| Bugtraq ID: | 17955 |
| Class: | Design Error |
| CVE: | CVE-2006-2274 CVE-2006-2275 |
| Remote: | Yes |
| Local: | No |
| Published: | May 12 2006 12:00AM |
| Updated: | Jan 18 2007 05:00PM |
| Credit: | These issues were disclosed by the vendor. |
| Vulnerable: | Ubuntu Ubuntu Linux 5.10 powerpc, Ubuntu Ubuntu Linux 5.10 i386, Ubuntu Ubuntu Linux 5.10 amd64, Ubuntu Ubuntu Linux 5.04 powerpc, Ubuntu Ubuntu Linux 5.04 i386, Ubuntu Ubuntu Linux 5.04 amd64, Ubuntu Ubuntu Linux 6.06 LTS powerpc, Ubuntu Ubuntu Linux 6.06 LTS i386, Ubuntu Ubuntu Linux 6.06 LTS amd64, Trustix Secure Linux 3.0, Trustix Secure Linux 2.2, Trustix Secure Enterprise Linux 2.0, SuSE SUSE Linux Enterprise Server 8, SuSE Linux Enterprise Server 9, SuSE Linux Desktop 1.0, S.u.S.E. UnitedLinux 1.0, S.u.S.E. Novell Linux Desktop 1.0, S.u.S.E. Linux Professional 10.0 OSS, S.u.S.E. Linux Professional 10.0, S.u.S.E. Linux Professional 9.3 x86_64, S.u.S.E. Linux Professional 9.3, S.u.S.E. Linux Professional 9.2 x86_64, S.u.S.E. Linux Professional 9.2, S.u.S.E. Linux Professional 9.1 x86_64, S.u.S.E. Linux Professional 9.1, S.u.S.E. Linux Personal 10.0 OSS, S.u.S.E. Linux Personal 9.3 x86_64, S.u.S.E. Linux Personal 9.3, S.u.S.E. Linux Personal 9.2 x86_64, S.u.S.E. Linux Personal 9.2, S.u.S.E. Linux Personal 9.1 x86_64, S.u.S.E. Linux Personal 9.1, S.u.S.E. Linux Enterprise Server for S/390 9.0, S.u.S.E. Linux Enterprise Server for S/390, Redhat Fedora Core5, Redhat Fedora Core4, Redhat Enterprise Linux WS 4, Redhat Enterprise Linux ES 4, Redhat Enterprise Linux AS 4, Redhat Desktop 4.0, Mandriva Linux Mandrake 2006.0 x86_64, Mandriva Linux Mandrake 2006.0, MandrakeSoft Multi Network Firewall 2.0, MandrakeSoft Corporate Server 3.0 x86_64, MandrakeSoft Corporate Server 3.0, Linux kernel 2.6.16.13, Linux kernel 2.6.16.9, Linux kernel 2.6.16.8, Linux kernel 2.6.16.7, Linux kernel 2.6.16.5, Linux kernel 2.6.16.4, Linux kernel 2.6.16.3, Linux kernel 2.6.16.2, Linux kernel 2.6.16.11, Linux kernel 2.6.16.1, Linux kernel 2.6.16, Debian Linux 3.1 sparc, Debian Linux 3.1 s/390, Debian Linux 3.1 ppc, Debian Linux 3.1 mipsel, Debian Linux 3.1 mips, Debian Linux 3.1 m68k, Debian Linux 3.1 ia-64, Debian Linux 3.1 ia-32, Debian Linux 3.1 hppa, Debian Linux 3.1 arm, Debian Linux 3.1 amd64, Debian Linux 3.1 alpha, Debian Linux 3.1, Avaya S8710 R2.0.1, Avaya S8710 R2.0.0, Avaya S8710 CM 3.1, Avaya S8700 R2.0.1, Avaya S8700 R2.0.0, Avaya S8700 CM 3.1, Avaya S8500 R2.0.1, Avaya S8500 R2.0.0, Avaya S8500 CM 3.1, Avaya S8500 0, Avaya S8300 R2.0.1, Avaya S8300 R2.0.0, Avaya S8300 CM 3.1, Avaya S8300 0, Avaya Messaging Storage Server MM3.0, Avaya Converged Communications Server 2.0 |
| Not Vulnerable: | |
Discussion
The Linux kernel SCTP module is susceptible to remote denial-of-service vulnerabilities. These issues are triggered when the kernel handles unexpected SCTP packets.
These issues allow remote attackers to trigger kernel deadlock and infinite recursion, denying further service to legitimate users.
The Linux kernel version 2.6.16 is vulnerable to these issues; prior versions may also be affected.
Exploit / POC
To exploit this issue, a remote attacker uses an application that creates SCTP network packets.
Solution / Fix
Solution:
Fixes have been committed to the Linux kernel source-control repository.
Please see the references for vendor advisories and fixes.
Linux kernel 2.6.16
- RedHat Fedora kernel-2.6.16-1.2122_FC5.i586.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-2.6.16-1.2122_FC5.ppc.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-2.6.16-1.2122_FC5.ppc64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-debuginfo-2.6.16-1.2122_FC5.ppc.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-debuginfo-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-devel-2.6.16-1.2122_FC5.ppc.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-devel-2.6.16-1.2122_FC5.ppc64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-devel-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-doc-2.6.16-1.2122_FC5.noarch.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-kdump-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-kdump-devel-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-smp-2.6.16-1.2122_FC5.ppc.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-smp-devel-2.6.16-1.2122_FC5.ppc.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-xen0-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-xenU-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
- RedHat Fedora kernel-xenU-devel-2.6.16-1.2122_FC5.x86_64.rpm (Fedora Core 5): http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
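As an added example, not part of the advisory, the following Python check compares the kernel builds installed on a Fedora Core 5 host against the fixed release listed above, kernel-2.6.16-1.2122_FC5. The rpmvercmp() reimplementation, the sample `rpm -qa` output and the older build numbers in it are constructed for illustration; the check applies only to the FC5 packages, since each distribution in the references ships its own fixed release.

```python
"""Flag Fedora Core 5 kernel packages older than the fixed build in the advisory.

Added example. rpmvercmp() reimplements rpm's segment comparison (digits beat
letters, leading zeros ignored; tilde/caret rules omitted because these kernel
builds do not use them). Feed it the output of:
    rpm -qa 'kernel*' --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'
"""
import re

FIXED_NVR = "kernel-2.6.16-1.2122_FC5"     # fixed build listed in the advisory
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")  # rpm compares alnum runs, ignoring separators

def rpmvercmp(a, b):
    """Return -1, 0 or 1 as version/release string a is older, equal or newer than b."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")       # numeric: ignore leading zeros
            if len(x) != len(y):                      # longer digit string is larger
                return 1 if len(x) > len(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1           # a numeric segment beats letters
        if x != y:
            return 1 if x > y else -1                 # same type, same length: lexical
    return 0 if len(sa) == len(sb) else (1 if len(sa) > len(sb) else -1)  # leftover wins

def split_nvr(nvr):
    """'kernel-smp-2.6.16-1.2122_FC5' -> ('kernel-smp', '2.6.16', '1.2122_FC5')."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release

def is_fixed(installed_nvr, fixed_nvr=FIXED_NVR):
    """True if the installed build's version-release is the fixed one or newer.
    The subpackage name (kernel, kernel-smp, kernel-xen0, ...) is ignored because
    every fixed subpackage in the advisory carries the same version-release."""
    _, iv, ir = split_nvr(installed_nvr)
    _, fv, fr = split_nvr(fixed_nvr)
    c = rpmvercmp(iv, fv)
    return (c if c else rpmvercmp(ir, fr)) >= 0

def unfixed_kernels(rpm_qa_output):
    """Kernel packages from the rpm -qa output that are still below the fixed build."""
    return [p for p in rpm_qa_output.split() if p.startswith("kernel-") and not is_fixed(p)]

# Constructed sample output (not a real host); only the first two builds predate the fix.
SAMPLE_INSTALLED = """kernel-2.6.15-1.2054_FC5
kernel-2.6.16-1.2111_FC5
kernel-2.6.16-1.2122_FC5
kernel-smp-2.6.16-1.2133_FC5"""

if __name__ == "__main__":
    for pkg in unfixed_kernels(SAMPLE_INSTALLED):
        print("kernel build below the fixed release is still installed:", pkg)
```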
References
References:
- [SCTP]: Allow spillover of receive buffer to avoid deadlock. (kernel.org)
- [SCTP]: Prevent possible infinite recursion with multiple bundled DATA. (kernel.org)
- ASA-2006-161 - kernel security update (RHSA-2006-0493) (Avaya)
- ASA-2006-200 - Updated kernel packages available for Red Hat Enterprise Linux 4 (Avaya)
- lksctp Project Home Page (lksctp Project)
- RHSA-2006:0575-22 - Updated kernel packages available for Red Hat Enterprise Lin (Red Hat)