-stable: Linux

We (the -stable team) are announcing the release of the kernel. Fixes for SCTP security issues.

The diffstat and short summary of the fixes are below.

I’ll also be replying to this message with a copy of the patch
between and, as it is small enough to do

The updated 2.6.16.y git tree can be found at:


and can be browsed at the normal kernel.org git web browser:



Makefile | 2 –
include/net/sctp/structs.h | 1
net/sctp/inqueue.c | 1
net/sctp/sm_statefuns.c | 59 +++++++++++++++++++++++++++++++++————
net/sctp/sm_statetable.c | 10 +++—-
net/sctp/ulpqueue.c | 27 +++++++++++++++++++-

6 files changed, 77 insertions(+), 23 deletions(-)

Summary of changes from v2.6.16.14 to

Chris Wright:

Neil Horman:
      SCTP: Allow spillover of receive buffer to avoid deadlock. (CVE-2006-2275)

Sridhar Samudrala:
      SCTP: Fix panic’s when receiving fragmented SCTP control chunks. (CVE-2006-2272)
      SCTP: Fix state table entries for chunks received in CLOSED state. (CVE-2006-2271)

Vladislav Yasevich:
      SCTP: Prevent possible infinite recursion with multiple bundled DATA. (CVE-2006-2274)