Wind River Support Network

HomeOther DownloadsFixes to security issues CVE-2006-1857 and CVE-2006-1858,
Recommended Type: Patch

Fixes to security issues CVE-2006-1857 and CVE-2006-1858,

Released: Jan 30, 2008     Updated: Jan 30, 2008

Description

Vulnerability Summary CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

Vulnerability Summary CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. IDENTIFIER = WIND00114913

Product Version

Linux Platforms 1.x

Downloads

Installation Notes

Installation Notes

  1. Unzip the patch under [install_dir]/updates

    2. Install the patch CD by entering the patch CD directory and run setup_linux.

    3. This is a source only patch so you will have to build the kernel

    4. Issue a make fs and make the kernel in a configured directory.

    6. Upload the kernel and rootfs into the target and boot it up.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube