Description: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()
References:
Notes:
 carnil> Introduced in 2.6.17-rc5 with 61c9fed41638249f8b6ca5345064eb1beb50179f
 bwh> Upstream fix actually makes things worse; see
 bwh> https://marc.info/?l=linux-sctp&m=148770688203103&w=2 and CVE-2017-6353
Bugs:
upstream: released (4.10-rc8) [2dcab598484185dea7ec22219c76dcdd59e3cb90]
4.9-upstream-stable: released (4.9.11) [00eff2ebbd229758e90659907724c14dd5a18339]
3.16-upstream-stable: released (3.16.42) [sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch]
3.2-upstream-stable: released (3.2.87) [sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch]
sid: released (4.9.10-1) [bugfix/all/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch]
3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/all/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch]
3.2-wheezy-security: released (3.2.86-1) [bugfix/all/sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch]