BDU:2015-06243

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-01-13

BDU:2015-06250

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-01-13

BDU:2015-06263

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-01-13

BDU:2015-06264

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-01-13

BDU:2015-06265

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2014-11-10
Modified: 2025-04-12

CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2014-11-10
Modified: 2025-04-12

CVE-2014-3687

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Version: 2.1.2

Package kernel-image-std-def update in p7 on 2014-11-25

ALT-PU-2014-2382-1

Closed vulnerabilities

BDU:2015-06243

BDU:2015-06250

BDU:2015-06263

BDU:2015-06264

BDU:2015-06265

CVE-2014-3673

CVE-2014-3687