The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/sm_statefuns.c.
{ "urgency": "not yet assigned" }