CVE-2008-2826

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.25.9

Description The issue is related to an integer overflow in the sctp getsockopt local addrs old function, which is part of the Stream Control Transmission Protocol (sctp) functionality. This overflow can be triggered by local users through vectors involving a large addr num field in an sctp getaddrs old data structure, leading to a denial of service (resource consumption and system outage).

Recommendations For Linux kernel versions prior to 2.6.25.9, update to version 2.6.25.9 or later to resolve the issue.