PT-2005-1047 · Linux+1 · Linux Kernel+1

Wei Wang

Published: 2005-12-31

Updated: 2018-10-17

CVE-2006-3745

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 2.4.23 through 2.4.33
Linux kernel versions 2.6.x before 2.6.17.10

Description

The issue affects the SCTP implementation in the Linux kernel and can be exploited to cause a denial of service or potentially gain root privileges. The sctp_make_abort_user function is vulnerable, allowing local users to launch an attack. The estimated number of potentially affected devices is not specified.

Recommendations

For Linux kernel versions 2.4.23 through 2.4.33, consider upgrading to a version outside of this range to mitigate the risk. For Linux kernel versions 2.6.x before 2.6.17.10, upgrade to version 2.6.17.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the sctp_make_abort_user function to minimize the risk of exploitation.

Fix


Related identifiers

BDU:2015-03499
CVE-2006-3745
DSA-1183-1
DSA-1184-2
RHSA-2006:0617
RHSA-2006_0617

Affected products

Linux Kernel
Red Hat