CVE-2008-4618

Impact:
Important
Public Date:
2008-09-30
Bugzilla:
465730: CVE-2008-4618 kernel: sctp: Fix kernel panic while process protocol violation parameter

The MITRE CVE dictionary describes this issue as:

The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.

Find out more about CVE-2008-4618 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

The versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5 were not affected by this issue.

This issue only affected the version of Linux kernel as shipped with Red Hat Enterprise MRG and was addressed via: https://rhn.redhat.com/errata/RHSA-2009-0009.html

Red Hat Security Errata

Platform Errata Release Date
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2009:0009 2009-01-22

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.