Vulnerability Details : CVE-2008-3792
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-3792
Probability of exploitation activity in the next 30 days: 0.30%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-3792
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST |
Vendor statements for CVE-2008-3792
-
Red Hat 2009-01-15This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5. It was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html
- http://www.trapkit.de/advisories/TKADV2008-007.txt
-
http://lkml.org/lkml/2008/8/23/49
-
http://www.securitytracker.com/id?1020854
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4
-
http://www.securityfocus.com/bid/31121
Exploit;Patch
- http://www.openwall.com/lists/oss-security/2008/09/26/6
-
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4
Vendor Advisory
-
http://securityreason.com/securityalert/4210
Exploit
- http://www.debian.org/security/2008/dsa-1636
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/45189
-
http://www.openwall.com/lists/oss-security/2008/08/26/6
-
http://www.openwall.com/lists/oss-security/2008/08/26/8
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html
-
http://marc.info/?l=linux-netdev&m=121928747903176&w=2
- http://www.securityfocus.com/archive/1/496256/100/0/threaded
-
http://www.openwall.com/lists/oss-security/2008/08/25/1
- http://www.ubuntu.com/usn/usn-659-1
- http://www.redhat.com/support/errata/RHSA-2008-0857.html
- cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*