Home > Vulnerability Database > CVE-2006-2274

Mend.io Vulnerability Database

CVE-2006-2274

Date: May 9, 2006

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.

Severity Score

5.3

Related Resources (26)

Url: http://www.novell.com/linux/security/advisories/2006-05-31.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9531

Url: http://secunia.com/advisories/21476

Url: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=672e7cca17ed6036a1756ed34cf20dbd72d5e5f6

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/26432

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:150

Url: http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

Url: http://www.debian.org/security/2006/dsa-1097

Url: http://www.vupen.com/english/advisories/2006/2554

Url: http://www.debian.org/security/2006/dsa-1103

Url: http://secunia.com/advisories/20716

Url: http://secunia.com/advisories/20914

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2274

Url: http://www.redhat.com/support/errata/RHSA-2006-0493.html

Url: http://www.ubuntu.com/usn/usn-302-1

Url: http://www.osvdb.org/25746

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-2274

Url: http://secunia.com/advisories/20398

Url: http://secunia.com/advisories/21745

Url: http://secunia.com/advisories/20237

Url: http://www.trustix.org/errata/2006/0026

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:123

Url: http://www.securityfocus.com/bid/17955

Url: http://secunia.com/advisories/21045

Url: http://secunia.com/advisories/20671

Url: https://www.mend.io/vulnerability-database/CVE-2006-2274

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-2274

Date: May 9, 2006

Severity Score

Related Resources (26)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?