http://bugzilla.opensuse.org/show_bug.cgi?id=1011685 Bug ID: 1011685 Summary: VUL-0: kernel-source: net/sctp: slab-out-of-bounds in sctp_sf_ootb Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Reference: http://seclists.org/oss-sec/2016/q4/504 ===================================================== Hi, There's a bug in the Linux kernel sctp implementation which allows a remote attacker to trigger a slab-out-of-bounds access with an offset up to 64K bytes. The bug was fixed upstream: https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de1... More details are here: https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk Could you assign a CVE for this? Thanks! ===================================================== -- You are receiving this mail because: You are on the CC list for the bug.