3 matches found
EUVD-2026-38872
In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...
CVE-2026-53004
Summary of CVE-2026-53004 : In the Linux kernel, sctp_getsockopt_peer_auth_chunks can perform an out-of-bounds write to user space when the caller provides a short optval buffer. The check tests len vs num_chunks but forgets to account for sizeof(struct sctp_authchunks) header (8 bytes), allowing...
PT-2026-51898
Name of the Vulnerable Software and Affected Versions Linux kernel version 7.0-13-generic Description An out-of-bounds write to userspace exists in the sctp getsockopt peer auth chunks function. The function fails to account for the 8-byte header of the struct sctp authchunks when validating the...