[CVE artful/linux trusty/linux CVE-2018-5803] SCTP DOS
Andy Whitcroft
apw at canonical.com
Mon Jun 4 12:24:38 UTC 2018
CVE-2018-5803:
It was discovered that the SCTP Protocol implementation in
the Linux kernel did not properly validate userspace provided
payload lengths in some situations. A local attacker could
use this to cause a denial of service (system crash).
Following this email are patches for artful/linux (a cherry-pick) and
trusty/linux (a backport). Other series have received this fix via
upstream and stables.
Proposing for SRU to artful/linux and trusty/linux.
-apw
More information about the kernel-team
mailing list