CVE-2014-3673
published 2014-11-10CVE-2014-3673: The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 3.16.7-1 (bookworm) | linux 3.16.7-1 (bookworm) |
| linux | linux_kernel | >= 0 < 3.16.7-1 | 3.16.7-1 |
| linux | linux_kernel | >= 0 < 3.16.7-1 | 3.16.7-1 |
| linux | linux_kernel | >= 0 < 3.16.7-1 | 3.16.7-1 |
| linux | linux_kernel | >= 0 < 3.16.7-1 | 3.16.7-1 |
| linux | linux_kernel | >= 0 < 3.13.0-43.72 | 3.13.0-43.72 |
| linux | linux_kernel | >= 2.6.12 < 3.2.64 | 3.2.64 |
| linux | linux_kernel | >= 3.11 < 3.12.34 | 3.12.34 |
| linux | linux_kernel | >= 3.13 < 3.14.25 | 3.14.25 |
| linux | linux_kernel | >= 3.15 < 3.16.35 | 3.16.35 |
| linux | linux_kernel | >= 3.17 < 3.17.4 | 3.17.4 |
| linux | linux_kernel | >= 3.3 < 3.4.107 | 3.4.107 |
| linux | linux_kernel | >= 3.5 < 3.10.61 | 3.10.61 |
| opensuse | evergreen | — | — |
| oracle | linux | — | — |
| oracle | linux | — | — |
| oracle | linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_mrg | — | — |
| suse | linux_enterprise_software_development_kit | — | — |
| suse | linux_enterprise_workstation_extension | — | — |
| suse | suse_linux_enterprise_server | — | — |
| suse | suse_linux_enterprise_server | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH