Linux SCTP ICMP Packet Handling Null Dereference Remote DoS

High Nessus Plugin ID 19777


It is possible to crash the remote host by sending it malformed ICMP packets.


Linux kernels older than version 2.6.13 contain a bug that may allow an attacker to cause a NULL pointer dereference by sending malformed ICMP packets, thus resulting in a kernel panic.

This flaw is present only if SCTP support is enabled on the remote host.

An attacker can use this to make this host crash continuously, thus preventing legitimate users from using it.


Upgrade to Linux 2.6.13 or newer, or disable SCTP support.
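
The two conditions in this advisory (kernel older than 2.6.13, SCTP support enabled) can be triaged on a host with the script below. It is an added example, not part of the Nessus plugin; the function names and the sample module listing are constructed, and it assumes SCTP is built as a loadable module.

```shell
#!/bin/sh
# Succeeds if a `uname -r` style release string is older than 2.6.13.
# Version comparison only: vendor kernels may carry a backported fix under
# an old version number, so treat a hit as "needs review".
kernel_before_2_6_13() {
    base=${1%%-*}                      # drop distro suffix, e.g. "-1-686"
    old_ifs=$IFS; IFS=.
    set -- $base                       # split into major minor patch
    IFS=$old_ifs
    major=${1%%[!0-9]*}; minor=${2%%[!0-9]*}; patch=${3%%[!0-9]*}
    major=${major:-0}; minor=${minor:-0}; patch=${patch:-0}
    [ "$major" -lt 2 ] && return 0
    [ "$major" -gt 2 ] && return 1
    [ "$minor" -lt 6 ] && return 0
    [ "$minor" -gt 6 ] && return 1
    [ "$patch" -lt 13 ]
}

# Succeeds if /proc/modules-format text lists the sctp module.
# Assumption: SCTP is a module; a built-in SCTP stack does not appear in
# /proc/modules and has to be checked in the kernel configuration instead.
sctp_module_loaded() {
    printf '%s\n' "$1" | grep -q '^sctp '
}

# Prints one verdict for a release string plus /proc/modules text.
assess() {
    if ! kernel_before_2_6_13 "$1"; then
        echo "not-affected: kernel $1 is 2.6.13 or newer"
    elif sctp_module_loaded "$2"; then
        echo "exposed: kernel $1 is older than 2.6.13 and sctp is loaded"
    else
        # Not loaded now; an "install sctp /bin/true" line in the modprobe
        # configuration keeps the module from being loaded on demand.
        echo "review: kernel $1 is older than 2.6.13, sctp not loaded"
    fi
}

# Constructed sample in /proc/modules format (not captured from a real host).
SAMPLE_MODULES='sctp 160216 2 - Live 0xe0a2b000
ipv6 240097 13 sctp, Live 0xe09d1000'

assess "2.6.12-1-686" "$SAMPLE_MODULES"
# On a live host: assess "$(uname -r)" "$(cat /proc/modules)"
```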

Plugin Details

Severity: High

ID: 19777

File Name: linux_icmp_sctp_DoS.nasl

Version: 1.20

Type: remote

Published: 2005/09/23

Updated: 2019/03/06

Configuration: Enable paranoid mode

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/ParanoidReport