APPLIED: [CVE-2011-1573] sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set

Tim Gardner tim.gardner at canonical.com
Mon Oct 10 02:24:52 UTC 2011


On 10/07/2011 02:47 PM, Andy Whitcroft wrote:
> CVE-2011-1573
> 	A flaw in the Stream Control Transmission Protocol (SCTP)
> 	implementation could allow a remote attacker to cause a denial
> 	of service if the sysctl "net.sctp.addip_enable" variable was
> 	turned on
>
> Fixes for this issue have hit everything lucid and newer via either
> mainline or stable.  Following this email is a patch for both hardy and
> lucid/fsl-imx51.  This is a direct cherry-pick from mainline.
>
> Proposing for hardy and lucid/fsl-imx51.
>
> -apw
>


-- 
Tim Gardner tim.gardner at canonical.com



More information about the kernel-team mailing list