Lucene search
+L

258 matches found

RedHat Linux
RedHat Linux
added 2015/06/09 2:24 p.m.5 views

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

10CVSS6.7AI score0.09828EPSS
Exploits0References4
OSV
OSV
added 2015/04/08 10:27 p.m.4 views

USN-2563-1 linux vulnerabilities

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

10CVSS6.8AI score0.09828EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/03/26 11:58 a.m.7 views

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

10CVSS6.7AI score0.09828EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/01/27 7:44 p.m.6 views

kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet

A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...

5CVSS6.7AI score0.0523EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/01/20 5:21 p.m.6 views

kernel: net: sctp: fix panic on duplicate ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

7.8CVSS6.7AI score0.08579EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/01/13 6:27 p.m.4 views

kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

7.8CVSS6.7AI score0.07461EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/12/16 7:12 p.m.5 views

kernel: net: sctp: fix panic on duplicate ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

7.8CVSS6.7AI score0.08579EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/12/16 7:12 p.m.5 views

kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks

A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled malformed Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system...

7.8CVSS6.7AI score0.07461EPSS
Exploits1References4
OSV
OSV
added 2014/11/30 1:59 a.m.2 views

DEBIAN-CVE-2014-3688

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service memory consumption by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/smstatefuns.c...

5CVSS7.5AI score0.0585EPSS
Exploits1References1
OSV
OSV
added 2014/11/29 12:0 a.m.5 views

UBUNTU-CVE-2014-7841

The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...

5CVSS7AI score0.0523EPSS
Exploits1References10
OSV
OSV
added 2014/11/10 11:55 a.m.2 views

DEBIAN-CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...

7.5CVSS8.1AI score0.07461EPSS
Exploits1References1
OSV
OSV
added 2014/11/10 12:0 a.m.4 views

UBUNTU-CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...

7.5CVSS6.8AI score0.07461EPSS
Exploits1References10
OSV
OSV
added 2014/11/10 12:0 a.m.4 views

UBUNTU-CVE-2014-3687

The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...

7.5CVSS6.8AI score0.08579EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2014/10/30 5:22 p.m.5 views

Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions

A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...

7.1CVSS6.7AI score0.05794EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/23 5:1 p.m.7 views

Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions

A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...

7.1CVSS6.7AI score0.05794EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/13 9:28 p.m.3 views

Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions

A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...

7.1CVSS6.7AI score0.05794EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/08/20 10:51 a.m.5 views

Kernel: net: SCTP: fix a NULL pointer dereference during INIT collisions

A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system...

7.1CVSS6.7AI score0.05794EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/03/31 4:31 p.m.5 views

wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)

REJECTED CVE This CVE has been rejected. This candidate is a duplicate of CVE-2012-6056. Note: All CVE users should reference CVE-2012-6056 instead of this candidate...

6.2AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/03/31 4:31 p.m.9 views

wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)

Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...

5CVSS6.4AI score0.02662EPSS
Exploits0References4
OSV
OSV
added 2014/03/11 12:0 a.m.3 views

UBUNTU-CVE-2014-0101

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...

7.8CVSS6.4AI score0.07045EPSS
Exploits0References15
Rows per page
Query Builder