A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service.
Find out more about CVE-2014-3688 from the
MITRE CVE dictionary dictionary and
This issue does affect Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG. Future Linux kernel updates for the respective releases will address this issue.