Update Protection against Linux Kernel sctp_process_unk_param SCTPChunkInit Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2010-077 | |
| Date Published: | ||
| Severity: | ||
| Source: | SecurityFocus Bugtraq ID: 39794 | |
| Industry Reference(s): | CVE-2010-1173 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Linux Kernel Organization Linux Kernel Prior to 2.6.34-rc6 | ||
| Vulnerability Description A buffer overflow vulnerability exists in Linux Kernel Organization's Linux kernel. Linux is a popular open-source operating system. The Linux network protocol stack provides support for Stream Control Transmission Protocol (SCTP), a connection-oriented protocol that is an alternative or compliment to layer 4 protocols such as TCP and UDP. A remote attacker may exploit this vulnerability to cause a denial of service condition or to execute code on a vulnerable system. |
||
|
Vulnerability Details The vulnerability is due to a boundary error in the "sctp_process_unk_param()" function code in the Linux Kernel when handling an "INIT" chunk with multiple malformed parameters. A remote attacker could exploit this issue via a malformed chunk. Successful exploitation would cause a memory overflow that could lead to a system panic resulting in a denial of service condition, or allow the attacker to execute arbitrary code on the affected system. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.