CVE-2008-3526
Published Aug 27, 2008
Last updated 2 years ago
Overview
- Description
- Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Vendor comments
- Red HatThis issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5. It was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13673DF5-09B1-40C8-AC54-A447DE8AB01E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF6588E7-F4FA-40F5-8945-FC7B6094376E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52152F5A-1833-4490-A373-9C547B90B0F8"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B64A095E-5E97-445E-B435-F09983CC0E7A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8035F93-9DEE-4B92-ABAA-4ABE0B71BF41"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EE92406-DBF3-463E-8A51-F9679E851FDB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C60D19B-ED9B-443C-9D49-002ABD381119"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "264C61EE-64F6-43AD-B54F-7D683C29E64F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0149408A-30F6-4EDF-8B3B-CBAB884CE758"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3069324C-28FB-4BB6-9451-F3AC6A8DA64C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24_rc4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F3D19AD-4268-45E7-B13D-BC93ABDF2226"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24_rc5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67E619E6-A515-43BC-B371-C1FF6DAA6CCE"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71295664-89EC-4BB3-9F86-B1DDA20FAC5A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37BE853A-BA6F-4A70-B166-E34441F0B7DE"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85064FDF-4B62-43BF-B36C-F659D739BC22"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEADC505-FF44-4D45-8EA6-B23A1C4564D1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CE3C807-5C9B-4B71-868B-DF17ECB1514F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6CADAA2-91D2-40C4-90F3-D7F40A3D4CB0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45B6847C-873B-4BE1-852D-239115E59BA4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF41209E-D27F-4642-A405-90E822A41897"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97F59FD9-46E5-4F63-80A0-091AD44D1867"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "428844A5-E020-4AE9-8012-9AEDFCB7C32E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94C9D70D-A552-48D6-9497-EE07EB5649D1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF6169FF-9FF9-4A81-BAEB-6D5132F64F61"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6DC79CF-A504-4232-9F66-B5DCD0213DA0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "192B4273-0935-4232-BBFD-A850855CAC5F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60E9FDA8-7EC3-4B9B-B508-27F948D60DDB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4E4A6E5-0C2C-42FD-B982-684CCB0DDFBB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E45F4429-5A9C-4E8B-96EE-CCF19776CABF"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EFCAF09-BB20-424C-8648-014C0F71F8A9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A74970C-5EEA-47A7-A62D-AF98F4D1228F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEA56669-B09E-42C2-9591-245C46909A2F"
}
],
"operator": "OR"
}
]
}
]