// For flags

CVE-2008-2826

kernel: sctp: sctp_getsockopt_local_addrs_old() potential overflow

Severity Score

5.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.

Desbordamiento de entero en la función sctp_getsockopt_local_addrs_old de net/sctp/socket.c en la funcionalidad Stream Control Transmission Protocol (sctp)(Protocolo de Transmisión del Control de Flujo) en el kernel de Linux anterior a 2.6.25.9 permite a usuarios locales provocar una denegación de servicio (agotamiento de recursos y parada de sistema) mediante vectores que involucran un campo addr_num largo en una estructura de datos sctp_getaddrs_old.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-06-23 CVE Reserved
  • 2008-07-02 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (25)
URL Tag Source
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=735ce972fbc8a65fb17788debd7bbe7b4383cc62 X_refsource_confirm
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9 Broken Link
http://lwn.net/Articles/287350 Third Party Advisory
http://secunia.com/advisories/30901 Third Party Advisory
http://secunia.com/advisories/31107 Third Party Advisory
http://secunia.com/advisories/31202 Third Party Advisory
http://secunia.com/advisories/31551 Third Party Advisory
http://secunia.com/advisories/31628 Third Party Advisory
http://secunia.com/advisories/32370 Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207 Broken Link
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7 Broken Link
http://www.securityfocus.com/bid/29990 Third Party Advisory
http://www.securitytracker.com/id?1020514 Third Party Advisory
http://www.vupen.com/english/advisories/2008/2511 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43559 Third Party Advisory
https://issues.rpath.com/browse/RPL-2629 Broken Link
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html 2023-11-07
http://www.debian.org/security/2008/dsa-1630 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174 2023-11-07
http://www.redhat.com/support/errata/RHSA-2008-0585.html 2023-11-07
http://www.ubuntu.com/usn/usn-625-1 2023-11-07
https://access.redhat.com/security/cve/CVE-2008-2826 2008-08-26
https://bugzilla.redhat.com/show_bug.cgi?id=452478 2008-08-26
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 < 2.6.25.9
Search vendor "Linux" for product "Linux Kernel" and version " < 2.6.25.9"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 10.3
Search vendor "Opensuse" for product "Opensuse" and version "10.3"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 11.0
Search vendor "Opensuse" for product "Opensuse" and version "11.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 4.0
Search vendor "Debian" for product "Debian Linux" and version "4.0"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.06
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 7.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "7.04"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 7.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "7.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 8.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "8.04"
-
Affected