Unrated severityNVD Advisory· Published Jul 2, 2008· Updated Apr 23, 2026

CVE-2008-2826

Description

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.

Affected products

Canonical (company)/Ubuntu Linux4 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.25.9
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.htmlnvdMailing ListThird Party Advisory
lwn.net/Articles/287350/nvdThird Party Advisory
secunia.com/advisories/30901nvdThird Party Advisory
secunia.com/advisories/31107nvdThird Party Advisory
secunia.com/advisories/31202nvdThird Party Advisory
secunia.com/advisories/31551nvdThird Party Advisory
secunia.com/advisories/31628nvdThird Party Advisory
secunia.com/advisories/32370nvdThird Party Advisory
www.debian.org/security/2008/dsa-1630nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2008-0585.htmlnvdThird Party Advisory
www.securityfocus.com/bid/29990nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/usn-625-1nvdThird Party Advisory
www.vupen.com/english/advisories/2008/2511nvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/43559nvdThird Party AdvisoryVDB Entry
kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9nvdBroken Link
wiki.rpath.com/wiki/Advisories:rPSA-2008-0207nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7nvdBroken Link
issues.rpath.com/browse/RPL-2629nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000