Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003052 advisory. The sctpdopeeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003539 advisory. An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8...

Linux Distros Unpatched Vulnerability : CVE-2025-40187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0 and sctpulpeventmakeauthkey=0 and sctpulpeventmakeauthkey...

EUVD-2024-53841

Malicious code in bioql PyPI...

CVE-2024-57938

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

Linux kernel 输入验证错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the sctpassociationinit function in the net/sctp module that could trigger an integer overflow, which could...

CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctpautoasconfinit in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system...

CVE-2018-25015

A flaw was found in the Linux kernel. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2018-25015

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8...

Double free

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8...

CVE-2018-25015

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8...

CVE-2018-25015

CVE-2018-25015 affects the Linux kernel up to version 4.14.15, with a use-after-free in net/sctp/socket.c when a lock is held after a peel-off (CID-a0ff660058b8). Exploitation details are not provided in the supplied documents, but CVSS v3 indicates a high impact. The ChangeLog entry for 4.14.16 ...

CVE-2018-5803

An error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1342)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP packets length can be exploited to cause a kernel crash...

CVE-2018-5803

CVE-2018-5803 affects the Linux kernel SCTP chunk handling: a length check flaw in _sctp_make_chunk() (net/sctp/sm_make_chunk.c) can trigger a kernel crash/DoS. Affected kernel versions include 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102. Public advisories (Debian, CentOS/Red Hat, Ubunt...

CVE-2017-15115

The sctpdopeeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via crafted syste...

CVE-2017-15115

CVE-2017-15115: Linux kernel prior to 4.14 allows local users to trigger a denial of service (use-after-free in sctp_do_peeloff in net/sctp/socket.c) via crafted system calls. Impact is system crash; no explicit exploit details provided in the documents beyond this. The IBM bulletin references th...

kernel security and bug fix update

2.6.32-642.15.1 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074 2.6.32-642.14.1 - net sctp: validate chunk len before actually using it Hangbin Liu 1399456 1399457 CVE-2016-9555 - netdrv qlcnic: add wmb call in transmit data path Harish...

Oracle: Security Advisory (ELSA-2014-3087)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...