oval:org.mitre.oval:def:23690

Definition Id: oval:org.mitre.oval:def:23690
 
Oval ID: oval:org.mitre.oval:def:23690
Title: ELSA-2014:0328: kernel security and bug fix update (Important)
Description: The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
Family: unix Class: patch
Reference(s): ELSA-2014:0328-01
CVE-2013-1860
CVE-2014-0055
CVE-2014-0069
CVE-2014-0101
 Version: 9
Platform(s): Oracle Linux 6
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16594
 
Oval ID: oval:org.mitre.oval:def:16594
Title: Oracle Linux 6.x
Description: The operating system installed on the system is Oracle Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:6
 Version: 5
Platform(s): Oracle Linux 6
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:23690