APPLIED: [CVE-2011-1573] sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set

Tim Gardner tim.gardner at
Mon Oct 10 02:24:52 UTC 2011

On 10/07/2011 02:47 PM, Andy Whitcroft wrote:
> CVE-2011-1573
> 	A flaw in the Stream Control Transmission Protocol (SCTP)
> 	implementation could allow a remote attacker to cause a denial
> 	of service if the sysctl "net.sctp.addip_enable" variable was
> 	turned on
> Fixes for this issue have hit everything lucid and newer via either
> mainline or stable.  Following this email is a patch for both hardy and
> lucid/fsl-imx51.  This is a direct cherry-pick from mainline.
> Proposing for hardy and lucid/fsl-imx51.
> -apw

Tim Gardner tim.gardner at

More information about the kernel-team mailing list