CVE-2017-5986 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Denial of service |
| Description | It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread. This issue may then lead to a segmentation fault resulting in denial of service. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-188 | linux-lts | 4.4.50-1 | 4.9.13-1 | High | Fixed | |
| AVG-186 | linux-zen | 4.9.8-1 | 4.9.11-2 | High | Fixed | |
| AVG-178 | linux | 4.9.8-1 | 4.9.11-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 22 Feb 2017 | ASA-201702-18 | AVG-186 | linux-zen | High | multiple issues |
| 22 Feb 2017 | ASA-201702-17 | AVG-178 | linux | High | multiple issues |
| References |
|---|
https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90 http://seclists.org/oss-sec/2017/q1/432 |