Linux Kernel SCTP stack Denial of Service Vulnerability (CVE-2014-3688)
Release date:
Updated on:
Affected Systems:
Linux kernel 3.17.2
Linux kernel 3.14.23
Linux kernel 3.12.31
Linux kernel 3.10.59
Description:
CVE (CAN) ID: CVE-2014-3688
Linux Kernel is the Kernel of the Linux operating system.
Linux Kernel 3.10.59, 3.12.31, 3.14.23, and 3.17.2 remotely trigger the memory depletion vulnerability when processing a large number of queue sorting tasks. Remote attackers can exploit this vulnerability to cause system denial of service.
<* Source: vendor
Link: http://secunia.com/advisories/61935/
*>
Suggestion:
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 9de7922bc709eee2f609cd01d98aaedc4cf5ea74
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = b69040d8e39f20d5215a03502a8e8b4c6ab78395
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 26b87c7881006311828bb0ab271a551a62dcceb4
The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5
Linux Kernel 3.4.62 LTS is now available for download
How to install Linux kernel 13.10 On Ubuntu 3.12
Linux Kernel: click here
Linux Kernel: click here
This article permanently updates the link address: