Lucene search
K

251 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007591 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0...

5.6AI score0.00188EPSS
Exploits0References4
OSV
OSV
added 2026/04/06 8:16 a.m.7 views

UBUNTU-CVE-2026-31407

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...

7.1CVSS5.7AI score0.00169EPSS
Exploits0References5
OSV
OSV
added 2026/04/02 6:42 p.m.6 views

GO-2026-4874 Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core

Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29929

Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References5
NVD
NVD
added 2026/03/27 9:17 p.m.8 views

CVE-2026-33904

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS0.00165EPSS
Exploits0References3
CVE
CVE
added 2026/03/27 8:55 p.m.14 views

CVE-2026-33904

Ella Core is a 5G private-network core. In versions prior to 1.7.0, a deadlock in the AMF SCTP notification handler causes the entire AMF control plane to hang, enabling a denial of service when an attacker with access to the N2 interface sends crafted SCTP notifications. Version 1.7.0 adds defer...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/27 8:55 p.m.21 views

CVE-2026-33904 Ella Core has a Denial of Service via SCTP connection cleanup deadlock

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS0.00165EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/26 10:13 p.m.8 views

Ella Core has a Denial of Service via SCTP connection cleanup deadlock

Summary A deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. Impact An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers. Fix Add deferred Radio cleanu...

6.5CVSS5.8AI score0.00165EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/25 4:12 a.m.13 views

kernel: sctp: avoid NULL dereference when chunk data buffer is missing

In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...

5.8AI score0.00177EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/17 3:0 p.m.6 views

kernel: sctp: avoid NULL dereference when chunk data buffer is missing

In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...

5.8AI score0.00177EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005550 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with...

7.8CVSS6AI score0.00155EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005562)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005562 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: set skstate back to CLOSED if autobind fails in sctplistenstart In sctplistenstart invoked ...

5.5CVSS6.8AI score0.00277EPSS
Exploits0References3
OSV
OSV
added 2026/02/14 3:16 p.m.7 views

UBUNTU-CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References32
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.4 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References28
CVE
CVE
added 2026/02/14 3:9 p.m.26 views

CVE-2026-23125

CVE-2026-23125 (Linux kernel SCTP) : A null-pointer dereference in the SCTP transmit path could occur when SCTP-AUTH key initialization fails during INIT_ACK processing. The issue arises because SCTP_CMD_ASSOC_SHKEY is executed after PEER_INIT and can leave asoc->shkey NULL if key setup fails,...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper order of the SCTPCMDASSOCSHKEY command in SCTP, potentially leading to a null pointer...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7
Redos
Redos
added 2026/01/26 12:0 a.m.5 views

ROS-20260126-73-0028

A vulnerability in the sctp component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00187EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.5 views

SUSE SLES15 Security Update : kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0247-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0247-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: -...

7.8CVSS6AI score0.00175EPSS
Exploits0References7
OSV
OSV
added 2026/01/20 2:6 p.m.7 views

SUSE-SU-2026:0188-1 Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. - CVE-2022-50490: bpf: Propagate error from htablockbucket to...

7.8CVSS6.8AI score0.00175EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2026/01/19 7:33 p.m.9 views

Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

9.2CVSS7.4AI score0.0018EPSS
Exploits2References40
Rows per page
Query Builder