Linux Kernel _sctp_make_chunk() Denial Of Service Vulnerability

2018-03-05
ID: 96935
CVE: None
Download vulnerable application: None
Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability
 ======================================================================
1) Affected Software
 * Linux Kernel version 4.15.0.
  Other versions may also by affected.
 ======================================================================
2) Severity
 Rating: Not critical
Impact: Denial of Service
Where:  Local System
 ======================================================================
3) Description of Vulnerability
 Secunia Research has discovered a vulnerability in Linux Kernel, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).
 An   error   in   the   "_sctp_make_chunk()"   function
(net/sctp/sm_make_chunk.c) when handling SCTP packets length can be
exploited to cause a kernel crash.
 The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0.
Other versions may also be affected.
 ======================================================================
4) Solution
 Fixed in the source code repository.
https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
 ======================================================================
5) Time Table
 2018/02/07 - Linux Kernel team contacted with vulnerability details.
2018/02/07 - Linux Kernel team advised reporting the vulnerability
             publicly via netdev mailing list.
2018/02/07 - Public disclosure of the vulnerability on netdev mailing
             list.
2018/02/09 - The vulnerability additionally reported on linux-sctp
             mailing list.
2018/02/28 - Release of Secunia Advisory SA81331.
2018/02/28 - Public disclosure of Secunia Research Advisory.
 ======================================================================
6) Credits
 Jakub Jirasek, Secunia Research at Flexera.
 Additionally reported by Alexey Kodanev.
1-4-2 (www01)