Vigil@nce - Linux kernel: denial of service via sctp_accept
January 2016 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
A local attacker can generate a deadlock via sctp_accept() in the
Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Linux.
Severity: 1/4.
Creation date: 11/01/2016.
DESCRIPTION OF THE VULNERABILITY
The SCTP protocol is used to transport several message streams,
multiplexed over one connection.
However, when the sctp_accept() function is called during a
timeout, a deadlock occurs in the net/sctp/sm_sideeffect.c file.
A local attacker can therefore generate a deadlock via
sctp_accept() in the Linux kernel, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-sctp-accept-18678