VDB
CVE-2010-1173
CVE-2010-1173
PUBLISHED
Reported by redhat · Published May 7, 2010
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Exploit Intelligence
- http://article.gmane.org/gmane.linux.network/159531 (nist-nvd)
- http://marc.info/?l=oss-security&m=127251068407878&w=2 (nist-nvd)
- http://www.openwall.com/lists/oss-security/2010/04/29/1 (nist-nvd)
- http://www.openwall.com/lists/oss-security/2010/04/29/6 (nist-nvd)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
- Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service - Linux dos Exploit (variot)
…and 1 more exploits
Timeline
- May 7, 2010 CVE Published
- Aug 9, 2010 PoC Published
- Aug 9, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Apr 5, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
References
- [oss-security] 20100429 CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors mailing-listx_refsource_MLIST
- MDVSA-2010:198 vendor-advisoryx_refsource_MANDRIVA
- [netdev] 20100428 Re: [PATCH]: sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4) mailing-listx_refsource_MLIST
- [oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors mailing-listx_refsource_MLIST
- RHSA-2010:0474 vendor-advisoryx_refsource_REDHAT
- 43315 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- 40218 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:11416 vdb-entrysignaturex_refsource_OVAL
- x_refsource_CONFIRM
- DSA-2053 vendor-advisoryx_refsource_DEBIAN
- 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX mailing-listx_refsource_BUGTRAQ
- 39830 third-party-advisoryx_refsource_SECUNIA
- [oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors mailing-listx_refsource_MLIST