CVE-2026-53225

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...

CVE-2026-53225

The CVE-2026-53225 issue affects the Linux kernel SCTP path: __sctp_rcv_asconf_lookup() in net/sctp/input.c may read uninitialized memory when a truncated IPv6 address parameter is declared in an ASCONF chunk. An unauthenticated peer could trigger reads of up to 16 bytes past the parameter if the...

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

Astra Linux – Vulnerability in Linux

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before version 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If the sctpdestroysock function is called without using the socknetsk-sctp.addrwqlock lock, an element...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000803 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000929 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002182 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002405 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002012)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002012 advisory. The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to...

EUVD-2014-3621

Malware in sbrugna...

EUVD-2014-3633

Malware in sbrugna...

SUSE CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel's SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

AZL-33889 CVE-2024-0639 affecting package kernel for versions less than 5.15.148.1-1

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

K16016: Linux kernel SCTP vulnerability CVE-2014-7841

Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...

K15910: Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687

Security Advisory Description CVE-2014-3673 The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c. CVE-2014-3687 The...

SUSE CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...

SUSE CVE-2014-7841

The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...

Ubuntu: Security Advisory (USN-2447-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...