Frank DENIS random thoughts.

A critical one-shot remote Linux kernel vulnerability

CVS 2009-0065 have been described by Linux vendors as a remote denial of service.

Is it?

No, to tell the truth, the SCTP vulnerability is absolutely exploitable, with extreme reliability (nearly one-shot always) and an exploit is already out in the wild.

All you need is an application doing SCTP on the target host.

From KernelBOF.