CVE-2014-7841
EPSS 18.3%linux - security update
發布日:2014/11/30修改日:2026/4/28
描述
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
受影響套件(2)
- Debian/linuxfrom 0, < 3.16.7-ckt2-1
- Debian/linuxfrom 0, < 3.2.63-2+deb7u2