Lucene search
K

71 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53224

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the...

9.1CVSS5.9AI score0.00547EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.5 views

sctp: purge outqueue on stale COOKIE-ECHO handling

...

9.8CVSS5.8AI score0.00265EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.7 views

SUSE CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS6AI score0.00481EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:56 p.m.5 views

CVE-2026-53246

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could exploit this by sending a specially crafted COOKIEECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...

9.8CVSS5.8AI score0.00481EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS0.00481EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS5.9AI score0.00481EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:39 a.m.3 views

EUVD-2026-39197

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

6AI score0.00481EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS0.00481EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS5.9AI score0.00481EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53246

CVE-2026-53246 : In the Linux kernel SCTP implementation, a vulnerability exists in how COOKIE_ECHO payloads are processed. The cached peer INIT chunk embedded after the cookie could have its header length inflated without proper validation, allowing the parameter walk (via sctp_walk_params/sctp_...

9.8CVSS6AI score0.00481EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52341

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIE ECHO processing When a listening SCTP server processes a COOKIE ECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked...

9.8CVSS6AI score0.00481EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 7:14 a.m.16 views

CVE-2026-52924

The CVE-2026-52924 entry describes a Linux kernel SCTP use-after-free vulnerability triggered during Stale COOKIE-ECHO handling. In COOKIE_WAIT transitions, sctp_stream_update() can leave a stale out_curr pointer after rolling back from COOKIE_ECHOED to COOKIE_WAIT, so scheduler paths (FCFS/RR/PR...

9.8CVSS5.8AI score0.00265EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.28 views

CVE-2026-52924 sctp: purge outqueue on stale COOKIE-ECHO handling

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS0.00265EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS5.7AI score0.00265EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/02/18 12:25 a.m.3 views

SUSE CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References16
NVD
NVD
added 2026/02/14 3:16 p.m.7 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS0.00114EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.6 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References28
Vulnrichment
Vulnrichment
added 2026/02/14 3:9 p.m.4 views

CVE-2026-23125 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.4AI score0.00114EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/14 3:9 p.m.6 views

EUVD-2026-5911

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.3AI score0.00114EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/14 3:9 p.m.3 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.1AI score0.00114EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder