CVE-2017-5986 - log back

CVE-2017-5986 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread. This issue may then lead to a segmentation fault resulting in denial of service.
References
+ https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90
+ http://seclists.org/oss-sec/2017/q1/432
Notes