Lucene search
+L

79 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.10 views

sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

...

9.1CVSS5.8AI score0.00544EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.8 views

SUSE CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.11 views

CVE-2026-53225

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.7AI score0.00544EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

5.6AI score0.00544EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.35 views

CVE-2026-53225

The CVE-2026-53225 entry describes a Linux kernel SCTP vulnerability in __sctp_rcv_asconf_lookup() where an unauthenticated peer can send a truncated ASCONF chunk; the code may read 16 bytes of uninitialized memory past the address parameter when the chunk’s length is misdeclared. Affected compon...

9.1CVSS5.7AI score0.00544EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.6AI score0.00544EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.33 views

CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before version 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If the sctpDestroySock function is called without using the socknetsk-sctp.addrwqlock lock, an element...

7CVSS6.7AI score0.00482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000929 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

7.8CVSS7.1AI score0.08579EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000803 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...

5CVSS6.7AI score0.0523EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002182 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

7.8CVSS7.1AI score0.08579EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002405 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

7.8CVSS7AI score0.07461EPSS
Exploits1References23
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002012)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002012 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

7.8CVSS7AI score0.07461EPSS
Exploits1References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3621

Malware in sbrugna...

7.8CVSS6.6AI score0.07461EPSS
Exploits1References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-3633

Malware in sbrugna...

7.8CVSS6.6AI score0.08579EPSS
Exploits1References32
SUSE CVE
SUSE CVE
added 2024/06/04 12:25 p.m.3 views

SUSE CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel's SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

4.7CVSS6.4AI score0.00161EPSS
Exploits0References21
OSV
OSV
added 2024/01/17 4:15 p.m.5 views

AZL-33889 CVE-2024-0639 affecting package kernel for versions less than 5.15.148.1-1

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.40 views

K16016: Linux kernel SCTP vulnerability CVE-2014-7841

Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...

5CVSS6.4AI score0.0523EPSS
Exploits1Affected Software20
Rows per page
Query Builder