Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-2275

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."

Related bugs and status

CVE-2006-2275 (Candidate) is related to these bugs:

Bug #41284: Don't allow a backslash in a path component (CVE-2006-1863)

Summary				In	Importance	Status
	41284	Don't allow a backslash in a path component (CVE-2006-1863)		linux-source-2.6.15 (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.kernel.org/...
TRUSTIX: 2006-0026
BID: 17955
UBUNTU: USN-302-1
SECUNIA: 20716
REDHAT: RHSA-2006:0575
SECUNIA: 21465
CONFIRM: http://support.avaya.c...
SECUNIA: 22417
XF: linux-sctp-receive-dos...
OVAL: oval:org.mitre.oval:de...