** Description changed: - [Creating multiple sockets when SCTP module isn't loaded leads to kernel - panic] + The sctp_init function in net/sctp/protocol.c in the Linux kernel before + 4.2.3 has an incorrect sequence of protocol-initialization steps, which + allows local users to cause a denial of service (panic or memory + corruption) by creating SCTP sockets before all of the steps have + finished. Break-Fix: 4db67e808640e3934d82ce61ee8e2e89fd877ba8 8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1499609 Title: CVE-2015-5283 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1499609/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
