APP: Linux Kernel SCTP sctp_sf_ootb Out of Bounds Read

This signature detects attempts to exploit a known vulnerability in the SCTP networking module of the Linux kernel. A successful exploitation could result in denial of service conditions.

Extended Description

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.

Affected Products

Linux linux_kernel

References

CVE: CVE-2016-9555

Short Name
APP:LINUX-KERNEL-SCTP-OOB
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
Bounds CVE-2016-9555 Kernel Linux Out Read SCTP of sctp_sf_ootb
Release Date
03/23/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
Port
IP/132
False Positive
Unknown
Vendors

Linux

CVSS Score

10.0

Found a potential security threat?