Launchpad CVE tracker

CVE 2008-3792

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.

Related bugs and status

CVE-2008-3792 (Candidate) is related to these bugs:

Bug #94186: 3c59x - 10/100 NIC fails to link to gigabit switch

		In	Importance	Status
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.22 (Ubuntu)	Low	Fix Released
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux (Ubuntu)	Undecided	Fix Released

Bug #125250: Don't recognise USB Pendrive -> sr0: disc change detected.

		In	Importance	Status
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Hardy)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Hardy)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Intrepid)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Intrepid)	Undecided	Invalid
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Jaunty)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Jaunty)	Undecided	Invalid

Bug #182716: bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.

		In	Importance	Status
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Ubuntu)	Medium	Fix Released
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Ubuntu	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Linux	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Mandriva)	Undecided	New
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux-source-2.6.22 (Ubuntu)	Undecided	Won't Fix
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Baltix)	Undecided	New

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-3792

References