Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-09T20:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2006-05-09T00:00:00
Link: CVE-2006-2274
JSON object: View
NVD Information
Status : Modified
Published: 2006-05-09T20:02:00.000
Modified: 2023-11-07T01:58:46.930
Link: CVE-2006-2274
JSON object: View
Redhat Information
No data.
CWE