258 matches found
UBUNTU-CVE-2024-50299
In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctpsfootb A size validation fix similar to that in Commit 50619dbf8db7 "sctp: add size validation when walking chunks" is also required in sctpsfootb to address a crash reported by syzbot:...
kernel: sctp: Fix null-ptr-deref in reuseport_add_sock().
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...
AZL-52914 CVE-2024-49944 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: sctp: set skstate back to CLOSED if autobind fails in sctplistenstart In sctplistenstart invoked by sctpinetlisten, it should set the skstate back to CLOSED if sctpautobind fails due to whatever reason. Otherwise, next time when...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to reset skstate to CLOSED in the sctp subsystem upon an auto-bind failure, which could result i...
The vulnerability of the sctp_sf_do_unexpected_init() function in the Linux kernel of the SCTP protocol allows a attacker to cause a service failure.
The vulnerability of the sctpsfdounexpectedinit function in the SCTP protocol’s kernel implementation in Linux is related to a memory leak that occurs when processing invalid INIT packets. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...
DEBIAN-CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...
The vulnerability of the sctp_sock_dump() function in the Linux operating system’s SCTP kernel component, which allows a hacker to cause a service failure
The vulnerability of the sctpsockdump function in the Linux operating system’s SCTP kernel component is related to the use of callrcu for memory release. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the update_sctp_checksum() function in the QEMU hardware emulation software allows a hacker to trigger a service failure.
The vulnerability of the updatesctpchecksum function in the QEMU hardware emulation software is related to a flaw that allows an attacker to cause a service failure when attempting to calculate the checksum of a small-sized fragmented packet. Exploiting this vulnerability could enable a remote...
kernel: netfilter: xtables sctp out-of-bounds read in match_flags()
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
DEBIAN-CVE-2021-47397
In the Linux kernel, the following vulnerability has been resolved: sctp: break out if skbheaderpointer returns NULL in sctprcvootb We should always check if skbheaderpointer's return is NULL before using it, otherwise it may cause null-ptr-deref, as syzbot reported: KASAN: null-ptr-deref in rang...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip
In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
kernel: sctp: fail if no bound addresses can be used for a given scope
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...
Kernel: netfilter: xtables sctp out-of-bounds read in match_flags()
...
A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.
...
SUSE CVE-2023-2177
A null pointer dereference issue was found in the sctp network protocol in net/sctp/streamsched.c in Linux Kernel. If streamin allocation is failed, streamout is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service...