mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
817 B
817 B
CVE-2014-7841
Description
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
POC
Reference
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
- https://bugzilla.redhat.com/show_bug.cgi?id=1163087
Github
No PoCs found on GitHub currently.