Karl Heiss

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.8.5 **Description** The issue is related to the SCTP implementation in the Linux kernel, specifically the `sctp sf do 5 2 4 dupcook` function. It does not properly handle associations when processing a duplicate COOKIE ECHO chunk, allowing remote attackers to cause a denial of service, potentially leading to a system crash, via crafted SCTP traffic. **Recommendations** For Linux kernel versions prior to 3.8.5, update to version 3.8.5 or later to resolve the issue.