CVE-2014-3688

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux kernel versions 2.6.32 Linux kernel versions prior to 3.17.4

Description The issue concerns multiple vulnerabilities in the Linux kernel, specifically affecting Red Hat Enterprise Linux. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. The vulnerabilities are related to the SCTP implementation in the Linux kernel, which can cause a denial of service due to memory consumption when a large number of chunks are triggered in an association's output queue.

Recommendations For Red Hat Enterprise Linux kernel version 2.6.32, update to a version that includes the fix for these vulnerabilities. For Linux kernel versions prior to 3.17.4, update to version 3.17.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.