Description
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 6 | |||
| kernel-0:2.6.32-504.3.3.el6 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2014:1997 | 2014-12-16T00:00:00Z |
| Red Hat Enterprise Linux 6.2 Advanced Update Support | |||
| kernel-0:2.6.32-220.58.1.el6 | cpe:/o:redhat:rhel_mission_critical:6.2 | RHSA-2015:0115 | 2015-02-03T00:00:00Z |
| Red Hat Enterprise Linux 6.4 Extended Update Support | |||
| kernel-0:2.6.32-358.55.1.el6 | cpe:/o:redhat:rhel_eus:6.4 | RHSA-2015:0043 | 2015-01-13T00:00:00Z |
| Red Hat Enterprise Linux 6.5 Extended Update Support | |||
| kernel-0:2.6.32-431.46.2.el6 | cpe:/o:redhat:rhel_eus:6.5 | RHSA-2015:0062 | 2015-01-20T00:00:00Z |
| Red Hat Enterprise Linux 7 | |||
| kernel-0:3.10.0-123.13.1.el7 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2014:1971 | 2014-12-09T00:00:00Z |
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-118-1 | linux-2.6 security update |
 Debian DSA |
DSA-3060-1 | linux security update |
 EUVD |
EUVD-2014-3634 | The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. |
 Ubuntu USN |
USN-2417-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-2418-1 | Linux kernel (OMAP4) vulnerabilities |
| Ubuntu USN |
USN-2441-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-2442-1 | Linux kernel (EC2) vulnerabilities |
| Ubuntu USN |
USN-2445-1 | Linux kernel (Trusty HWE) vulnerabilities |
| Ubuntu USN |
USN-2446-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-2447-1 | Linux kernel (Utopic HWE) vulnerabilities |
| Ubuntu USN |
USN-2448-1 | Linux kernel vulnerabilities |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T10:50:18.333Z
Reserved: 2014-05-14T00:00:00.000Z
Link: CVE-2014-3688
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-11-30T01:59:02.307
Modified: 2026-05-06T22:30:45.220
Link: CVE-2014-3688
Redhat
OpenCVE Enrichment
No data.
Weaknesses