251 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007591 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0...
UBUNTU-CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
GO-2026-4874 Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core
Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core...
PT-2026-29929
Ella Core has a Denial of Service via SCTP connection cleanup deadlock in github.com/ellanetworks/core...
CVE-2026-33904
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...
CVE-2026-33904
Ella Core is a 5G private-network core. In versions prior to 1.7.0, a deadlock in the AMF SCTP notification handler causes the entire AMF control plane to hang, enabling a denial of service when an attacker with access to the N2 interface sends crafted SCTP notifications. Version 1.7.0 adds defer...
CVE-2026-33904 Ella Core has a Denial of Service via SCTP connection cleanup deadlock
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...
Ella Core has a Denial of Service via SCTP connection cleanup deadlock
Summary A deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. Impact An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers. Fix Add deferred Radio cleanu...
kernel: sctp: avoid NULL dereference when chunk data buffer is missing
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...
kernel: sctp: avoid NULL dereference when chunk data buffer is missing
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005550 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005562)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005562 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: set skstate back to CLOSED if autobind fails in sctplistenstart In sctplistenstart invoked ...
UBUNTU-CVE-2026-23125
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...
CVE-2026-23125
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...
CVE-2026-23125
CVE-2026-23125 (Linux kernel SCTP) : A null-pointer dereference in the SCTP transmit path could occur when SCTP-AUTH key initialization fails during INIT_ACK processing. The issue arises because SCTP_CMD_ASSOC_SHKEY is executed after PEER_INIT and can leave asoc->shkey NULL if key setup fails,...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper order of the SCTPCMDASSOCSHKEY command in SCTP, potentially leading to a null pointer...
ROS-20260126-73-0028
A vulnerability in the sctp component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
SUSE SLES15 Security Update : kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0247-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0247-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: -...
SUSE-SU-2026:0188-1 Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. - CVE-2022-50490: bpf: Propagate error from htablockbucket to...
Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...