what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2013-2206

Status Candidate

Overview

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

Related Files

VMware Security Advisory 2013-0015
Posted Dec 7, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0015 - VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-2372, CVE-2012-3552, CVE-2013-0791, CVE-2013-1620, CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
MD5 | fd9260b02dde1bdf6e738dc7777eb251
Debian Security Advisory 2766-1
Posted Sep 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2766-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-2141, CVE-2013-2164, CVE-2013-2206, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2239, CVE-2013-2851, CVE-2013-2852, CVE-2013-2888, CVE-2013-2892
MD5 | 24180ab9a5fa022aa5001bc9779ccf9b
Ubuntu Security Notice USN-1940-1
Posted Sep 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1940-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162, CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162
MD5 | e8d9c4e87b7518e707b17e6d51dfe24a
Ubuntu Security Notice USN-1939-1
Posted Sep 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1939-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162, CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162
MD5 | 1339a0ee671d7ff2795f4ee0c938c6c5
Red Hat Security Advisory 2013-1195-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1195-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
MD5 | bb751fd3ee44677196b32096e41b9615
Red Hat Security Advisory 2013-1173-01
Posted Aug 27, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1173-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
MD5 | c5030731224f6d0ef5233bad9ff34e34
Red Hat Security Advisory 2013-1166-01
Posted Aug 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1166-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
MD5 | 9d28e7559e20553180abb7781f1f8af4
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close