CVE-2010-0008

Impact:
Important
Public Date:
2010-03-16
IAVA:
2011-A-0066
CWE:
CWE-130->CWE-119
Bugzilla:
555658: CVE-2010-0008 kernel: sctp remote denial of service

The MITRE CVE dictionary describes this issue as:

The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.

Find out more about CVE-2010-0008 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for SCTP. It did not affect the version of Linux kernel as shipped with Red Hat Enterprise MRG as it has already had the fix to this issue. This was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2010-0146.html and https://rhn.redhat.com/errata/RHSA-2010-9419.html respectively.

CVSS v2 metrics

Base Score 7.8
Base Metrics AV:N/AC:L/Au:N/C:N/I:N/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (kernel) RHSA-2010:0146 2010-03-17
Red Hat Enterprise Linux Extended Update Support 4.7 (kernel) RHSA-2010:0342 2010-04-06
Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel) RHSA-2010:0149 2010-03-17
Red Hat Enterprise Linux EUS (v. 5.2 server) (kernel) RHSA-2010:0148 2010-03-17
Red Hat Enterprise Virtualization Hypervisor 5 (rhev-hypervisor) RHSA-2010:0172 2010-03-24
Red Hat Enterprise Linux 5 (kernel) RHSA-2010:0147 2010-03-17

Acknowledgements

Red Hat would like to thank Telesys Software for responsibly reporting this issue.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.