Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2008-08-27T20:00:00
Updated: 2017-08-07T12:57:01
Reserved: 2008-08-07T00:00:00
Link: CVE-2008-3526
JSON object: View
NVD Information
Status : Modified
Published: 2008-08-27T20:41:00.000
Modified: 2023-02-13T02:19:24.323
Link: CVE-2008-3526
JSON object: View
Redhat Information
No data.
CWE