Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.10 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from the...

5.5CVSS6.1AI score0.00224EPSS
Exploits0References3
NVD
NVD
added 2025/01/19 11:15 a.m.13 views

CVE-2025-21638

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS0.00224EPSS
Exploits0References10
CVE
CVE
added 2025/01/19 10:17 a.m.243 views

CVE-2025-21638

CVE-2025-21638 - Linux kernel SCTP sysctl auth_enable is fixed. The issue arises from using the current task’s nsproxy via the net structure (current->nsproxy) when reading sctp. sysctl settings, leading to potential NULL pointer dereference if current task is exiting. The fix replaces direct ...

5.5CVSS6.9AI score0.00224EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2025/01/19 10:17 a.m.14 views

CVE-2025-21638 sctp: sysctl: auth_enable: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6AI score0.00224EPSS
Exploits0References12
Prion
Prion
added 2014/03/11 1:1 p.m.27 views

Null pointer dereference

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...

7.8CVSS6.9AI score0.07045EPSS
Exploits0References12Affected Software27
Rows per page
Query Builder