3.17.2

DATE	CVE	VULNERABILITY TITLE	RISK
2014-11-10	CVE-2014-3687	Resource Exhaustion vulnerability in multiple products The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. network low complexity linux redhat canonical opensuse novell suse debian oracle CWE-400	7.5
2014-11-10	CVE-2014-3673	Improper Input Validation vulnerability in multiple products The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. network low complexity linux redhat canonical debian opensuse suse oracle CWE-20	7.5
2014-06-07	CVE-2014-3153	The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. local low complexity linux redhat suse opensuse canonical oracle	7.8