| Bugzilla: | 757143: CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482 |
The MITRE CVE dictionary describes this issue as:
Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.
This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 4, 6 and Red Hat Enterprise MRG as they were not vulnerable to CVE-2011-2482. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2012-0007.html.
Red Hat security errata
| Red Hat Enterprise Linux version 5 (kernel) | RHSA-2012:0007 | January 10, 2012 |
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.