Bug#811277: kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]
Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u1
Severity: grave
Tags: security upstream
Control: found -1 10.1~svn274115-10
Specially crafted SCTP packets via IPv6 can trigger remote denial of
service in kfreebsd-10, even if SCTP sockets are not used.
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:01.sctp.asc
SCTP is disabled in wheezy's latest kfreebsd-9 package, otherwise it
would have been affected by this too.
Reply to: