[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#811277: kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]

Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u1
Severity: grave
Tags: security upstream                                                                                           
Control: found -1 10.1~svn274115-10

Specially crafted SCTP packets via IPv6 can trigger remote denial of
service in kfreebsd-10, even if SCTP sockets are not used.

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:01.sctp.asc

SCTP is disabled in wheezy's latest kfreebsd-9 package, otherwise it
would have been affected by this too.
Reply to: