CVE-2014-3688
EPSS 5.9%
描述
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.
如何修補 CVE-2014-3688
要修補 CVE-2014-3688,請將受影響套件升級到下列已修補版本。
- Debian/linux—升級至 3.16.7-1 或更新版本
CVE-2014-3688 正在被利用嗎?
中等 — EPSS 為 5.9%,可持續追蹤但非最高優先。
受影響套件(1)
- from 0, < 3.16.7-1