CVE-2008-2826 in Kernelinfo

Summary

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

06/23/2008

Disclosure

07/02/2008

Moderation

VulDB entry created

Entries

VDB-43008 (1)

CPE

ready

CWE

CWE-189 (Confirmed)

CVSS

6.2

EPSS

0.00151

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-2826
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-2826
CVE Details	https://www.cvedetails.com/cve/CVE-2008-2826/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!