blob: 805229090788971754b720dfa1b62f92b49092cc (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: SCTP denial of service during heartbeat timeout functions
References:
Notes:
bwh> I'm not sure exactly how far back this is needed as I can't see
bwh> where the change of association is made. But SCTP hasn't
bwh> changed a whole lot since 2.6.32 and most other security fixes
bwh> have been needed all the way back.
Bugs:
upstream: released (4.3-rc4) [635682a14427d241bab7bbdeebb48a7d7b91638e]
3.16-upstream-stable: released (3.16.7-ckt24)
3.2-upstream-stable: released (3.2.77) [sctp-prevent-soft-lockup-when-sctp_accept-is-called-during-a.patch]
2.6.32-upstream-stable: released (2.6.32.71)
sid: released (4.3.1-1)
3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
|