CVE-2007-2876 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2876
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2876

Description: The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34777 UBUNTU http://www.ubuntu.com/usn/usn-486-1 http://www.ubuntu.com/usn/usn-489-1 http://www.ubuntu.com/usn/usn-510-1 SUSE http://www.novell.com/linux/security/advisories/2007_53_kernel.html http://www.novell.com/linux/security/advisories/2007_51_kernel.html http://www.novell.com/linux/security/advisories/2007_43_kernel.html SAID Secunia Advisory: SA27227 Secunia Advisory: SA26664 Secunia Advisory: SA26620 Secunia Advisory: SA26760 Secunia Advisory: SA26450 Secunia Advisory: SA26289 Secunia Advisory: SA26139 Secunia Advisory: SA25961 Secunia Advisory: SA25838 Secunia Advisory: SA26133 REDHAT http://rhn.redhat.com/errata/RHSA-2007-0488.html http://www.redhat.com/support/errata/RHSA-2007-0705.html MLIST http://marc.info/?l=linux-kernel&m=118128622431272&w=2 http://marc.info/?l=linux-kernel&m=118128610219959&w=2 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 DEBIAN http://www.debian.org/security/2007/dsa-1356 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm BID 24376

Return to the previous page.