CVE-2014-0101

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
11/03/2014
Last modified:
12/04/2025

Description

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.24 (including) 3.2.56 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.3 (including) 3.4.84 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.5 (including) 3.10.34 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.11 (including) 3.12.15 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.13 (including) 3.13.7 (excluding)
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*