SCTP vulnerability could exhaust system resources
A flaw in the Linux kernel could be exploited by malicious users to cause a denial of service attack.
The vulnerability is caused by missing checks on the SCTP chunk sizes in the SCTP-netfilter code that could be used to create an infinite loop that exhausts system resources.
The problem can be solved by updating to version 2.6.16.13 or later on the Linux kernel website.
Security firm Secunia lists the remote attack as 'moderately critical'.
The problem was fixed by Greg Kroah-Hartman and Patrick McHardy, based on a patch by Ingo Molnar.
A flaw in the Linux kernel could be exploited by malicious users to cause a denial of service attack.
The vulnerability is caused by missing checks on the SCTP chunk sizes in the SCTP-netfilter code that could be used to create an infinite loop that exhausts system resources.
The problem can be solved by updating to version 2.6.16.13 or later on the Linux kernel website.
Security firm Secunia lists the remote attack as 'moderately critical'.
The problem was fixed by Greg Kroah-Hartman and Patrick McHardy, based on a patch by Ingo Molnar.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: