FreeBSD SCTP stream Reset Vulnerability (CVE-2014-8613)
Release date:
Updated on:
Affected Systems:
FreeBSD
Description:
Bugtraq id: 72345
CVE (CAN) ID: CVE-2014-8613
FreeBSD is a UNIX operating system. SCTP provides reliable, throttling, and bidirectional data transmission.
FreeBSD does not validate the received SCTP RE_CONFIG data block, which can cause indirect reference by a null pointer. Remote attackers send malformed SCTP data packets to the affected FreeBSD system. This vulnerability can cause kernel crash.
<* Source: Gerasimos Dimitriadis
Link: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:03.sctp.asc
*>
Suggestion:
Vendor patch:
FreeBSD
-------
FreeBSD has released a Security Bulletin (FreeBSD-SA-15: 03. sctp. asc) and patches for this:
FreeBSD-SA-15: 03. sctp. asc: SCTP stream reset vulnerability
Link: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:03.sctp.asc
Use dump restore to quickly back up and restore the FreeBSD system
Mount the partition where FreeBSD is located in Linux
Test data of PostgreSQL running on FreeBSD and Linux
FreeBSD software package management
This article permanently updates the link address: