Denial of Service Vulnerability in Linux Kernel SCTP Implementation

Denial of Service Vulnerability in Linux Kernel SCTP Implementation

CVE-2014-3688 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.