Security Advisory

CVE-2010-3705

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-11-26 19:00:00

Last updated 2024-08-07 03:18:53

Assigner redhat

State PUBLISHED

Description

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.

← Browse all CVEs View on cve.org ↗