CVE-2007-2876
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
Date published : 2007-06-11
http://www.securityfocus.com/bid/24376
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm