[CVE-2011-1573] sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set

Andy Whitcroft apw at canonical.com
Fri Oct 7 13:47:45 UTC 2011


CVE-2011-1573
	A flaw in the Stream Control Transmission Protocol (SCTP)
	implementation could allow a remote attacker to cause a denial
	of service if the sysctl "net.sctp.addip_enable" variable was
	turned on

Fixes for this issue have hit everything lucid and newer via either
mainline or stable.  Following this email is a patch for both hardy and
lucid/fsl-imx51.  This is a direct cherry-pick from mainline.

Proposing for hardy and lucid/fsl-imx51.

-apw



More information about the kernel-team mailing list