{"containers":{"cna":{"affected":[{"product":"Linux Kernel","vendor":"Linux Foundation","versions":[{"status":"affected","version":"Before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102."}]}],"datePublic":"2018-02-28T00:00:00.000Z","descriptions":[{"lang":"en","value":"In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash."}],"problemTypes":[{"descriptions":[{"description":"Denial of Service","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-03-26T10:06:07.000Z","orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera"},"references":[{"name":"81331","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"https://secuniaresearch.flexerasoftware.com/advisories/81331/"},{"name":"RHSA-2018:3083","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:3083"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"},{"name":"DSA-4187","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2018/dsa-4187"},{"name":"USN-3654-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3654-1/"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"},{"name":"RHSA-2018:1854","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1854"},{"name":"USN-3697-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3697-1/"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"},{"name":"DSA-4188","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2018/dsa-4188"},{"name":"[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information","tags":["mailing-list","x_refsource_MLIST"],"url":"https://www.spinics.net/lists/netdev/msg482523.html"},{"name":"RHSA-2018:2948","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:2948"},{"name":"USN-3697-2","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3697-2/"},{"tags":["x_refsource_CONFIRM"],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"},{"name":"[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending","tags":["mailing-list","x_refsource_MLIST"],"url":"https://www.spinics.net/lists/linux-sctp/msg07036.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"},{"name":"USN-3654-2","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3654-2/"},{"tags":["x_refsource_CONFIRM"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"},{"name":"USN-3698-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3698-1/"},{"name":"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"},{"name":"USN-3656-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3656-1/"},{"tags":["x_refsource_MISC"],"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"},{"name":"RHSA-2018:3096","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:3096"},{"name":"USN-3698-2","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3698-2/"},{"name":"RHSA-2019:0641","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:0641"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2018-5803","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Linux Kernel","version":{"version_data":[{"version_value":"Before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102."}]}}]},"vendor_name":"Linux Foundation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Denial of Service"}]}]},"references":{"reference_data":[{"name":"81331","refsource":"SECUNIA","url":"https://secuniaresearch.flexerasoftware.com/advisories/81331/"},{"name":"RHSA-2018:3083","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3083"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"},{"name":"DSA-4187","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4187"},{"name":"USN-3654-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3654-1/"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"},{"name":"RHSA-2018:1854","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:1854"},{"name":"USN-3697-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3697-1/"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"},{"name":"DSA-4188","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4188"},{"name":"[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information","refsource":"MLIST","url":"https://www.spinics.net/lists/netdev/msg482523.html"},{"name":"RHSA-2018:2948","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:2948"},{"name":"USN-3697-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3697-2/"},{"name":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c","refsource":"CONFIRM","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"},{"name":"[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending","refsource":"MLIST","url":"https://www.spinics.net/lists/linux-sctp/msg07036.html"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"},{"name":"USN-3654-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3654-2/"},{"name":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121","refsource":"CONFIRM","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"},{"name":"USN-3698-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3698-1/"},{"name":"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"},{"name":"USN-3656-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3656-1/"},{"name":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/","refsource":"MISC","url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"},{"name":"RHSA-2018:3096","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3096"},{"name":"USN-3698-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3698-2/"},{"name":"RHSA-2019:0641","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:0641"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T05:47:55.973Z"},"title":"CVE Program Container","references":[{"name":"81331","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"https://secuniaresearch.flexerasoftware.com/advisories/81331/"},{"name":"RHSA-2018:3083","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:3083"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"},{"name":"DSA-4187","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2018/dsa-4187"},{"name":"USN-3654-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3654-1/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"},{"name":"RHSA-2018:1854","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1854"},{"name":"USN-3697-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3697-1/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"},{"name":"DSA-4188","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2018/dsa-4188"},{"name":"[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://www.spinics.net/lists/netdev/msg482523.html"},{"name":"RHSA-2018:2948","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:2948"},{"name":"USN-3697-2","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3697-2/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"},{"name":"[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://www.spinics.net/lists/linux-sctp/msg07036.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"},{"name":"USN-3654-2","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3654-2/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"},{"name":"USN-3698-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3698-1/"},{"name":"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"},{"name":"USN-3656-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3656-1/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"},{"name":"RHSA-2018:3096","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:3096"},{"name":"USN-3698-2","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3698-2/"},{"name":"RHSA-2019:0641","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:0641"}]}]},"cveMetadata":{"assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","assignerShortName":"flexera","cveId":"CVE-2018-5803","datePublished":"2018-06-12T16:00:00.000Z","dateReserved":"2018-01-19T00:00:00.000Z","dateUpdated":"2024-08-05T05:47:55.973Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}