BDU:2015-06243

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0)

References:

Published: 2015-01-13

BDU:2015-06250

Severity: CRITICAL (10.0)

References:

Published: 2015-01-13

BDU:2015-06263

Severity: CRITICAL (10.0)

References:

Published: 2015-01-13

BDU:2015-06264

Severity: CRITICAL (10.0)

References:

Published: 2015-01-13

BDU:2015-06265

Severity: CRITICAL (10.0)

References:

Published: 2014-11-10
Modified: 2024-11-21

CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2014-11-10
Modified: 2024-11-21

CVE-2014-3687

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Version: 2.1.0

Branch sisyphus update on 2014-11-24

ALT-BU-2014-3121-1

ALT-PU-2014-2380-1

Closed vulnerabilities

BDU:2015-06243

BDU:2015-06250

BDU:2015-06263

BDU:2015-06264

BDU:2015-06265

CVE-2014-3673

CVE-2014-3687