Lucene search
+L

24 matches found

cve
cve
added yesterday8 views

CVE-2026-15422

CVE-2026-15422 concerns illumos SCTP where the inbound path performs association lookups for INIT ACK chunks without validating the address parameters. The vulnerability is triggered during packet classification, before SCTP integrity checks or IPsec policies, allowing a remote, unauthenticated a...

10CVSS6.3AI score
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: SCTP: The instruction “move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT” has been fixed. A null-ptr-deref issue was reported in the SCTP transmission path when the SCTP-AUTH key initialization fails:...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
susecve
susecve
added 2026/02/18 12:25 a.m.6 views

SUSE CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References16
nessus
nessus
added 2026/02/16 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails:...

5.5CVSS6.1AI score0.00114EPSS
Exploits0References3
euvd
euvd
added 2026/02/14 3:9 p.m.7 views

EUVD-2026-5911

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.3AI score0.00114EPSS
Exploits0References7
osv
osv
added 2025/09/16 8:11 a.m.6 views

CVE-2023-53296 sctp: check send stream number after wait_for_sndbuf

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...

5.5CVSS4.8AI score0.00137EPSS
Exploits0References10
redhat
redhat
added 2024/01/30 1:28 p.m.6 views

kernel: sctp: check send stream number after wait_for_sndbuf

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...

5.5CVSS6.8AI score0.00137EPSS
Exploits0References5
susecve
susecve
added 2023/02/15 5:53 a.m.5 views

SUSE CVE-2011-1573

net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...

5.9CVSS6.5AI score0.02791EPSS
Exploits1References8
susecve
susecve
added 2023/02/15 5:27 a.m.6 views

SUSE CVE-2014-5077

The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by starting to establish an association between two endpoints immediately after an...

7.1CVSS6.7AI score0.05794EPSS
Exploits0References9
ubuntucve
ubuntucve
added 2014/08/01 12:0 a.m.35 views

CVE-2014-5077

The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by starting to establish an association between two endpoints immediately after an...

7.1CVSS6.8AI score0.05794EPSS
Exploits0References7
nvd
nvd
added 2013/08/29 12:7 p.m.24 views

CVE-2013-5209

The sctpsendinitiateack function in sys/netinet/sctpoutput.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...

7.8CVSS5.8AI score0.02511EPSS
Exploits0References5
prion
prion
added 2013/08/29 12:7 p.m.17 views

Stack overflow

The sctpsendinitiateack function in sys/netinet/sctpoutput.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...

7.8CVSS6.4AI score0.02511EPSS
Exploits0References5Affected Software1
debiancve
debiancve
added 2013/08/29 10:0 a.m.49 views

CVE-2013-5209

Removed by vendor...

7.8CVSS8.6AI score0.02511EPSS
Exploits0
prion
prion
added 2012/02/02 4:9 a.m.24 views

Code injection

net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...

4.3CVSS6.8AI score0.02791EPSS
Exploits1References6Affected Software1
redhat
redhat
added 2011/07/15 5:14 a.m.8 views

kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set

net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...

5.9CVSS7.2AI score0.02791EPSS
Exploits1References4
redhat
redhat
added 2011/05/10 6:7 p.m.8 views

kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set

net/sctp/smmakechunk.c in the Linux kernel before 2.6.34, when addipenable and authenable are used, does not consider the amount of zero padding during calculation of chunk lengths for 1 INIT and 2 INIT ACK chunks, which allows remote attackers to cause a denial of service OOPS via crafted packet...

5.9CVSS7.2AI score0.02791EPSS
Exploits1References4
seebug
seebug
added 2011/04/13 12:0 a.m.23 views

Linux Kernel SCTP INIT/INIT-ACK块长度远程拒绝服务漏洞

Bugtraq ID: 47308 Linux是一款开放源代码的操作系统。 在计算INIT/INIT-ACK块长度时,代码只计算了参数长度,而没有计算参数的零填充长度,如AUTH HMACS参数和CHUNKS参数。没有计算零填充长度参数可导致内核触发oops。 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux...

6.8AI score
Exploits0
redhat
redhat
added 2009/01/22 10:39 a.m.6 views

kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service OOPS via an INIT-ACK that states the peer does not support AUTH, which causes the sctpprocessinit function to clean up active transports and triggers the OOPS when the T1-Init timer expires...

7.8CVSS5.8AI score0.0368EPSS
Exploits0References4
redhat
redhat
added 2008/12/16 7:30 a.m.5 views

kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service OOPS via an INIT-ACK that states the peer does not support AUTH, which causes the sctpprocessinit function to clean up active transports and triggers the OOPS when the T1-Init timer expires...

7.8CVSS5.8AI score0.0368EPSS
Exploits0References4
ubuntu
ubuntu
added 2008/11/27 5:43 p.m.79 views

USN-679-1: Linux kernel vulnerabilities

It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10...

7.8CVSS7.1AI score0.0368EPSS
Exploits7
Rows per page
Query Builder