Lucene search
K

79 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.7 views

sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

...

9.1CVSS5.8AI score0.00544EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.8 views

SUSE CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.7 views

CVE-2026-53225

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.7AI score0.00544EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

5.6AI score0.00544EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53225

The CVE-2026-53225 entry describes a Linux kernel SCTP vulnerability in __sctp_rcv_asconf_lookup() where an unauthenticated peer can send a truncated ASCONF chunk; the code may read 16 bytes of uninitialized memory past the address parameter when the chunk’s length is misdeclared. Affected compon...

9.1CVSS5.7AI score0.00544EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.6AI score0.00544EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before version 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If the sctpDestroySock function is called without using the socknetsk-sctp.addrwqlock lock, an element...

7CVSS6.7AI score0.00482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000929 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

7.8CVSS7.1AI score0.08579EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000803 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...

5CVSS6.7AI score0.0523EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002012)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002012 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

7.8CVSS7AI score0.07461EPSS
Exploits1References23
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002182 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

7.8CVSS7.1AI score0.08579EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002405 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

7.8CVSS7AI score0.07461EPSS
Exploits1References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-3633

Malware in sbrugna...

7.8CVSS6.6AI score0.08579EPSS
Exploits1References32
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-3621

Malware in sbrugna...

7.8CVSS6.6AI score0.07461EPSS
Exploits1References30
SUSE CVE
SUSE CVE
added 2024/06/04 12:25 p.m.2 views

SUSE CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel's SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

4.7CVSS6.4AI score0.00161EPSS
Exploits0References21
OSV
OSV
added 2024/01/17 4:15 p.m.5 views

AZL-33889 CVE-2024-0639 affecting package kernel for versions less than 5.15.148.1-1

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.39 views

K16016: Linux kernel SCTP vulnerability CVE-2014-7841

Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...

5CVSS6.4AI score0.0523EPSS
Exploits1Affected Software20
Rows per page
Query Builder