F5 Networks BIG-IP : Linux kernel SCTP vulnerability (K17242)

critical Nessus Plugin ID 85889


The remote device is missing a vendor-supplied security patch.


Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. (CVE-2015-1421)


Remote attackers may be able to cause a denial-of-service (DoS) attack on an affected system by triggering an INIT collision in the Stream Control Transmission Protocol (SCTP). This vulnerability does not affect SCTP functionality on the data plane, but does affect the SCTP kernel module on the control plane for BIG-IP, BIG-IQ, and Enterprise Manager systems.


Upgrade to one of the non-vulnerable versions listed in the F5 Solution K17242.

See Also


Plugin Details

Severity: Critical

ID: 85889

File Name: f5_bigip_SOL17242.nasl

Version: 2.8

Type: local

Published: 9/10/2015

Updated: 3/10/2021

Configuration: Enable paranoid mode

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_wan_optimization_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 9/9/2015

Vulnerability Publication Date: 3/16/2015

Reference Information

CVE: CVE-2015-1421

BID: 72356