Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux SCTP stack. A blind attacker may be able to terminate an existing SCTP connection by using invalid chunks, provided that the attacker knows the IP addresses and port numbers being used, and that the attacker can send packets with spoofed IP addresses...

Linux Distros Unpatched Vulnerability : CVE-2025-40281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift- out-of-bounds 1 Blamed commit added rtoalphamax and...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21639)

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

EUVD-2006-2272

Malware in sbrugna...

EUVD-2006-2273

Malware in sbrugna...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-010)

The version of kernel installed on the remote host is prior to 5.4.162-86.275. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-010 advisory. 2024-08-27: CVE-2021-47190 was added to this advisory. 2024-08-27: CVE-2021-47184 was added to this advisor...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-049)

The version of kernel installed on the remote host is prior to 5.10.82-83.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-049 advisory. A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could...

SUSE CVE-2006-2272

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service kernel panic via incoming IP fragmented 1 COOKIEECHO and 2 HEARTBEAT SCTP control chunks...

SUSE CVE-2006-2274

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service infinite recursion and crash via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-008)

The version of kernel installed on the remote host is prior to 5.10.82-83.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-008 advisory. A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1779)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attack...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1681)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.

...

CVE-2021-3772

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw in the Linux kernel's Stream Control Transmission Protocol SCTP implementation could allow a remote attacker to cause a denial of service if the sysctl "net.sctp.addipenable" and "authenable" variables were turned on they are off by default...

security flaw

Unspecified vulnerability in the sctpmakeabortuser function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service panic and possibly gain root privileges via unknown attack vectors...

security flaw

The ECNE chunk handling in Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service kernel panic via an unexpected chunk when the session is in CLOSED state...

Design/Logic Flaw

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service deadlock via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."...

CVE-2006-2275

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service deadlock via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."...