Think you have a false positive on this rule?

Sid 1-38346

Summary:

    OS-LINUX Linux kernel SCTP INIT null pointer dereference attempt

Impact:

    Confidentiality Impact: NONE Integrity Impact: NONE Availability Impact: PARTIAL

Detailed Information:

    The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

Affected Systems:

    linux linux kernel 3.10.14
    linux linux kernel 3.10.11
    linux linux kernel 3.10.13
    linux linux kernel 3.10.12
    linux linux kernel 3.10.15
    linux linux kernel 3.10.17
    linux linux kernel 3.10.16
    linux linux kernel 3.10.19
    linux linux kernel 3.10.10
    linux linux kernel 3.0.35
    linux linux kernel 3.17.1
    linux linux kernel 3.17.2
    linux linux kernel 3.17.3
    linux linux kernel 3.0.31
    linux linux kernel 3.17
    linux linux kernel 3.0.30
    linux linux kernel 3.0.32
    linux linux kernel 3.0.39
    linux linux kernel 3.0.34
    linux linux kernel 3.0.33
    linux linux kernel 3.0.36
    linux linux kernel 3.0.38
    linux linux kernel 3.11.10
    linux linux kernel 3.0.37
    linux linux kernel 3.0.29
    linux linux kernel 3.14 rc4
    linux linux kernel 3.14 rc3
    linux linux kernel 3.0.24
    linux linux kernel 3.14 rc2
    linux linux kernel 3.14 rc1
    linux linux kernel 3.14 rc8
    linux linux kernel 3.14 rc7
    linux linux kernel 3.14 rc6
    linux linux kernel 3.14 rc5
    linux linux kernel 3.0.20
    linux linux kernel 3.0.21
    linux linux kernel 3.0.28
    linux linux kernel 3.0.23
    linux linux kernel 3.0.22
    linux linux kernel 3.0.25
    linux linux kernel 3.0.27
    linux linux kernel 3.0.26
    linux linux kernel 3.0.18
    linux linux kernel 3.16.1
    linux linux kernel 3.0.19
    linux linux kernel 3.0.57
    linux linux kernel 3.16.0
    linux linux kernel 3.10.9 arm64
    linux linux kernel 3.0.53
    linux linux kernel 3.10.8 arm64
    linux linux kernel 3.0.50
    linux linux kernel 3.10.5 arm64
    linux linux kernel 3.10.4 arm64
    linux linux kernel 3.0.52
    linux linux kernel 3.10.7 arm64
    linux linux kernel 3.0.51
    linux linux kernel 3.10.6 arm64
    linux linux kernel 3.0.54
    linux linux kernel 3.0.56
    linux linux kernel 3.0.55
    linux linux kernel 3.0.58
    linux linux kernel 3.0.59
    linux linux kernel 3.0.46
    linux linux kernel 3.2 x86
    linux linux kernel 3.11.6
    linux linux kernel 3.11.7
    linux linux kernel 3.11.8
    linux linux kernel 3.11.9
    linux linux kernel 3.11.3
    linux linux kernel 3.11.4
    linux linux kernel 3.11.5
    linux linux kernel 3.0 rc3
    linux linux kernel 3.1 rc4
    linux linux kernel 3.0 rc4
    linux linux kernel 3.0 rc7
    linux linux kernel 3.1 rc1
    linux linux kernel 3.2 rc2
    linux linux kernel 3.0 rc1
    linux linux kernel 3.1 rc2
    linux linux kernel 3.2 rc3
    linux linux kernel 3.0 rc2
    linux linux kernel 3.1 rc3
    linux linux kernel 3.0 rc5
    linux linux kernel 3.0 rc6
    linux linux kernel 3.12.12
    linux linux kernel 3.12.17
    linux linux kernel 3.12.13
    linux linux kernel 3.12.14
    linux linux kernel 3.12.15
    linux linux kernel 3.12.16
    linux linux kernel 3.12.10
    linux linux kernel 3.12.11
    linux linux kernel 3.10.7
    linux linux kernel 3.0.9
    linux linux kernel 3.0.13
    linux linux kernel 3.14
    linux linux kernel 3.10.8
    linux linux kernel 3.10.9
    linux linux kernel 3.10.4
    linux linux kernel 3.10.5
    linux linux kernel 3.10.6
    linux linux kernel 3.0.10
    linux linux kernel 3.0.17
    linux linux kernel 3.0.12
    linux linux kernel 3.0.11
    linux linux kernel 3.0.14
    linux linux kernel 3.13.10
    linux linux kernel 3.0.16
    linux linux kernel 3.13.11
    linux linux kernel 3.0.15
    linux linux kernel 3.1
    linux linux kernel 3.2
    linux linux kernel 3.13.4
    linux linux kernel 3.1.9
    linux linux kernel 3.1.8
    linux linux kernel 3.13.9
    linux linux kernel 3.13.5
    linux linux kernel 3.13.6
    linux linux kernel 3.13.7
    linux linux kernel 3.13.8
    linux linux kernel 3.13.1
    linux linux kernel 3.13.2
    linux linux kernel 3.13.3
    linux linux kernel 3.11.1
    linux linux kernel 3.11.2
    linux linux kernel 3.12.5
    linux linux kernel 3.0.4
    linux linux kernel 3.12.6
    linux linux kernel 3.12.7
    linux linux kernel 3.12.8
    linux linux kernel 3.12.9
    linux linux kernel 3.12.2
    linux linux kernel 3.12.3
    linux linux kernel 3.12.4
    linux linux kernel 3.10.1
    linux linux kernel 3.10.2
    linux linux kernel 3.10.3
    linux linux kernel 3.0.3
    linux linux kernel 3.0.2
    linux linux kernel 3.0.1
    linux linux kernel 3.0.8
    linux linux kernel 3.0.7
    linux linux kernel 3.0.6
    linux linux kernel 3.0.5
    linux linux kernel 3.0.42
    linux linux kernel 3.0.41
    linux linux kernel 3.0.40
    linux linux kernel 3.0.43
    linux linux kernel 3.0.45
    linux linux kernel 3.0.44
    linux linux kernel 3.0.47
    linux linux kernel 3.1.10
    linux linux kernel 3.0.49
    linux linux kernel 3.0.48
    linux linux kernel 3.15.2
    linux linux kernel 3.15.7
    linux linux kernel 3.15.8
    linux linux kernel 3.1.3
    linux linux kernel 3.10
    linux linux kernel 3.15.3
    linux linux kernel 3.15.4
    linux linux kernel 3.15
    linux linux kernel 3.15.5
    linux linux kernel 3.15.6
    linux linux kernel 3.13
    linux linux kernel 3.12
    linux linux kernel 3.15.1
    linux linux kernel 3.11
    linux linux kernel 3.1.2
    linux linux kernel 3.1.1
    linux linux kernel 3.1.7
    linux linux kernel 3.1.6
    linux linux kernel 3.1.5
    linux linux kernel 3.1.4
    linux linux kernel 3.0.68
    linux linux kernel 3.0.64
    linux linux kernel 3.0.61
    linux linux kernel 3.0.63
    linux linux kernel 3.0.62
    linux linux kernel 3.0.65
    linux linux kernel 3.0.67
    linux linux kernel 3.0.66
    linux linux kernel 3.0.60
    linux linux kernel 3.14.3
    linux linux kernel 3.10.29
    linux linux kernel 3.10.1 arm64
    linux linux kernel 3.10.0 arm64
    linux linux kernel 3.14.4
    linux linux kernel 3.10.3 arm64
    linux linux kernel 3.14.5
    linux linux kernel 3.10.2 arm64
    linux linux kernel 3.14.1
    linux linux kernel 3.14.2
    linux linux kernel 3.10.25
    linux linux kernel 3.10.20
    linux linux kernel 3.10.22
    linux linux kernel 3.12.1
    linux linux kernel 3.10.24
    linux linux kernel 3.10.23
    linux linux kernel 3.10.26
    linux linux kernel 3.10.28
    linux linux kernel 3.10.27
    linux linux kernel 3.10.21
    linux linux kernel 3.10.18

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches

Contributors:

    No data available

Additional References: