VDB
CVE-2008-4113
CVE-2008-4113
PUBLISHED
CVSS 4.699999809265137 MEDIUM
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.
EPSS 0.19% · 40.7th percentile
Risk Scores
CVSS 2.0
4.699999809265137
EPSS Score
0.19%
40.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 2.6.22.8, 2.4.36.3, 0 |
| n/a | n/a | * |
Exploit Intelligence
- CIRCL confirmed: CVE-2008-4113 (circl-sighting)
- SUSE-SA:2008:053 (circl)
- RHSA-2008:0857 (circl)
- 32190 (circl)
- 1021000 (circl)
- DSA-1655 (circl)
- 32393 (circl)
- 31121 (circl)
- USN-659-1 (circl)
- http://www.trapkit.de/advisories/TKADV2008-007.txt (circl)
…and 10 more exploits
Timeline
- Sep 16, 2008 CVE Published
- Dec 29, 2008 PoC Published
- Dec 29, 2008 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- http://secunia.com/advisories/32315 technical
- 1021000 vdb
- http://www.trapkit.de/advisories/TKADV2008-007.txt url
- 32190 third-party-advisory
- 4266 third-party-advisory
- DSA-1655 vendor-advisory
- 32393 third-party-advisory
- 7618 exploit
- 31121 vdb
- USN-659-1 vendor-advisory
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=d97240552cd98c4b07322f30f66fd9c3ba4171de url
- SUSE-SA:2008:053 vendor-advisory
- RHSA-2008:0857 vendor-advisory
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4 url
- kernel-sctpgetsockopthmac-info-disclosure(45188) vdb
- 20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences mailing-list
- [oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2008-4113 advisory
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=d97240552cd98c4b07322f30f66fd9c3ba4171de url