** Description changed: - net: sctp: remote memory pressure from excessive queueing + The SCTP implementation in the Linux kernel before 3.17.4 allows remote + attackers to cause a denial of service (memory consumption) by + triggering a large number of chunks in an association's output queue, as + demonstrated by ASCONF probes, related to net/sctp/inqueue.c and + net/sctp/sm_statefuns.c. Break-Fix: 2e3216cd54b142ba605e87522e15f42e0c4e3996 26b87c7881006311828bb0ab271a551a62dcceb4
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1386393 Title: CVE-2014-3688 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1386393/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
