258 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003359)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003359 advisory. A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002072)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002072 advisory. The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service memory consumption by triggering a large number of...
kernel: sctp: avoid NULL dereference when chunk data buffer is missing
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...
ALSA-2026:0444 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing CVE-2025-40240 kernel: libceph: fix potential use-after-free...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000339)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000339 advisory. In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the sctpsendmsg function net/sctp/socket.c when handling SCTPSENDALL flag can be...
PT-2026-8118
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.0 Description A null pointer dereference issue was identified in the SCTP transmit path during SCTP-AUTH key initialization. This occurs when processing an INIT ACK, specifically if sctp auth asoc init active...
kernel: sctp: linearize cloned gso packets in sctp_rcv
A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...
kernel: sctp: linearize cloned gso packets in sctp_rcv
A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2025-40331
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
CVE-2025-40331 sctp: Prevent TOCTOU out-of-bounds write
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
...
sctp: avoid NULL dereference when chunk data buffer is missing
...
SUSE CVE-2025-40240
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...
UBUNTU-CVE-2025-40240
In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb can only be NULL if chunk-headskb is not. Check for fraglist instead...
CVE-2025-40240
In CVE-2025-40240, the Linux kernel SCTP path had a NULL dereference when chunk data buffer was missing. The fix ensures chunk->skb is not dereferenced unless the chunk head indicates a valid skb, by checking frag_list and reordering the replacement of chunk->skb. The outer if() condition g...
net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()
...
EUVD-2025-150387
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0 and sctpulpeventmakeauthkey=0 and sctpulpeventmakeauthkey returns 0, then the variable aiev remains zero and the zero will be...
UBUNTU-CVE-2025-40187
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0 and sctpulpeventmakeauthkey=0 and sctpulpeventmakeauthkey returns 0, then the variable aiev remains zero and the zero will be...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990769)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990769 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: clear outcurr if all frag chunks of current msg are pruned A crash was reported by Zhen Che...