kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

Kernel: netfilter: xtables sctp out-of-bounds read in match_flags()

...

A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.

...

SUSE CVE-2023-2177

A null pointer dereference issue was found in the sctp network protocol in net/sctp/streamsched.c in Linux Kernel. If streamin allocation is failed, streamout is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A memory misreference vulnerability exists in the Linux kernel, which arises from the failure to free, or the inability to free, dynamically allocated heap memory in the Stream...

The vulnerability in the implementation of the SCTP (Stream Control Transmission Protocol) kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCTP Stream Control Transmission Protocol implementation in the Linux operating system relates to the situation where a user launches a malicious network service, and someone else connects to that service. This can lead to a shortage of resources for local users. Exploiti...

SUSE CVE-2023-1074

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

UBUNTU-CVE-2023-1074

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

SUSE CVE-2006-2934

SCTP conntrack ipconntrackprotosctp.c in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service crash via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference ...

SUSE CVE-2008-2826

Integer overflow in the sctpgetsockoptlocaladdrsold function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service resource consumption and system outage via vectors involving a large...

SUSE CVE-2008-4113

The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...

SUSE CVE-2008-4618

The Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service panic via unspecified vectors, related to...

SUSE CVE-2009-0065

Buffer overflow in net/sctp/smstatefuns.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN aka FORWARD-TSN chunk with a large stream ID...

SUSE CVE-2014-0101

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...