kernel: sctp: check send stream number after wait_for_sndbuf

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...

usersctp - Out-of-Bounds Reads in sctp_load_addresses_from_init

''' usersctp is SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctploadaddressesfrominit function of usersctp that can lead to a number of out-of-bound reads. The input to sctploadaddressesfrominit is verified by calling...

UBUNTU-CVE-2014-5077

The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by starting to establish an association between two endpoints immediately after an...