Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 22.214.171.124 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
Publish Date : 2008-08-27 Last Update Date : 2017-08-07
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.