Daniel Borkmann

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.0.6 **Description** The issue allows local users to cause a denial of service, resulting in a system crash. This is achieved by creating a packet filter and loading crafted BPF instructions that trigger late convergence by the JIT compiler. The `bpf int jit compile` function in `arch/x86/net/bpf jit comp.c` is the vulnerable component. **Recommendations** For Linux kernel versions prior to 4.0.6, update to version 4.0.6 or later to resolve the issue. As a temporary workaround, consider restricting the creation of packet filters to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.17.4 kernel-debuginfo-2.6.32 versions 2.6.32 kernel-debug-devel-2.6.32 versions 2.6.32 kernel-doc-2.6.32 versions 2.6.32 kernel-debuginfo-common-i686 versions 2.6.32 kernel-headers-2.6.32 versions 2.6.32 kernel-2.6.32 versions 2.6.32 kernel-debug-debuginfo-2.6.32 versions 2.6.32 kernel-devel-2.6.32 versions 2.6.32 kernel-abi-whitelists-2.6.32 versions 2.6.32 kernel-firmware-2.6.32 versions 2.6.32 kernel-debug-2.6.32 versions 2.6.32 **Description** The issue is related to multiple vulnerabilities in the Linux kernel, specifically in the SCTP implementation, which can be exploited remotely to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. The `sctp process param` function in `net/sctp/sm make chunk.c` is vulnerable when ASCONF is used. These vulnerabilities can lead to a disruption of confidentiality, integrity, and availability of protected information. **Recommendations** For Linux kernel versions prior to 3.17.4, update to version 3.17.4 or later to resolve the issue. For kernel-debuginfo-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-debug-devel-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-doc-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-debuginfo-common-i686 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-headers-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-debug-debuginfo-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-devel-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-abi-whitelists-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-firmware-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. For kernel-debug-2.6.32 versions 2.6.32, update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the `sctp process param` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.12.8 **Description** The issue allows remote attackers to obtain sensitive information from kernel memory. This is achieved by establishing an IRC DCC session where incorrect packet data is transmitted during the use of the NAT mangle feature. **Recommendations** For versions prior to 3.12.8, update to version 3.12.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the NAT mangle feature until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.3.3 **Description** The issue allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field in the ext4 journal stop function. **Recommendations** For versions prior to 4.3.3, update to version 4.3.3 or later to resolve the issue.