34 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53224
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the...
SUSE CVE-2026-53224
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
SUSE CVE-2026-53246
In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...
CVE-2026-53224
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...
CVE-2026-53246
In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...
CVE-2026-53224
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
UBUNTU-CVE-2026-53224
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
UBUNTU-CVE-2026-53246
In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...
EUVD-2026-39197
In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...
CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing
In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...
CVE-2026-53246
CVE-2026-53246 : In the Linux kernel SCTP implementation, a vulnerability exists in how COOKIE_ECHO payloads are processed. The cached peer INIT chunk embedded after the cookie could have its header length inflated without proper validation, allowing the parameter walk (via sctp_walk_params/sctp_...
CVE-2026-53224
The vulnerability CVE-2026-53224 affects the Linux kernel SCTP implementation. The issue arises from insufficient validation of embedded INIT chunks and address list lengths in cookies: sctp_unpack_cookie() may accept a truncated INIT chunk, and the subsequent sctp_process_init() could read INIT ...
CVE-2026-53224
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
CVE-2026-53224 sctp: validate embedded INIT chunk and address list lengths in cookie
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
CVE-2026-53224 sctp: validate embedded INIT chunk and address list lengths in cookie
In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...
PT-2026-52319
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where sctp unpack cookie fails to ensure that the embedded INIT chunk is large enough to contain a complete INIT header. A malformed COOKIE ECH...
VulnCheck KEV: CVE-2010-1173
The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service system crash via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000803)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000803 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001916 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...
K16016: Linux kernel SCTP vulnerability CVE-2014-7841
Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...