Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel ‘sctp_v6_xmit()’函数信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.11.1及之前的版本中的net/sctp/ipv6.c文件中的IPv6 SCTP实现中存在加密问题漏洞,使用数据结构和函数调用没有触发既定的IPsec配置加密。远程攻击者可通过嗅探网络利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A