Lucene search
K

18 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw was discovered in the Linux SCTP stack. A blind attacker may be able to terminate an existing SCTP connection by using invalid chunks, provided that the attacker knows the IP addresses and port numbers being used, and that the attacker can send packets with spoofed IP addresses...

6.5CVSS6.7AI score0.0124EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.32 views

CVE-2026-37235

FlexRIC v2.0.0 trusts the xappid field from E42 message payloads without binding it to the sender's SCTP association. The validation function validxappid only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xappid ...

0.0057EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sctp: The issue of integer overflow during autoclose operations in sctpassociationinit has been addressed. By default, maxautoclose equals INTMAX / HZ. However, it is possible to set net.sctp.maxautoclose to UINTMAX. There is...

5.5CVSS6.3AI score0.00207EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.19 views

openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20572-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20572-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scs...

9.8CVSS6.3AI score0.00812EPSS
Exploits3References170
OSV
OSV
added 2026/04/20 3:44 p.m.3 views

SUSE-SU-2026:21361-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...

9.8CVSS6.3AI score0.00812EPSS
Exploits3References122
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000724 advisory. The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a deni...

7.1CVSS6.4AI score0.05794EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001094 advisory. Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of...

10CVSS7.2AI score0.09828EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002161)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002161 advisory. Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of...

10CVSS7.2AI score0.09828EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.9 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-415238)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-415238 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose...

5.5CVSS6.3AI score0.00207EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/03/08 8:0 a.m.8 views

net/sctp: Prevent autoclose integer overflow in sctp_association_init()

...

5.5CVSS7.4AI score0.00207EPSS
Exploits0
OSV
OSV
added 2025/01/21 12:15 p.m.4 views

DEBIAN-CVE-2024-57938

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

5.5CVSS5.9AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 12:15 p.m.13 views

AZL-55916 CVE-2024-57938 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

5.5CVSS6.8AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 12:15 p.m.13 views

AZL-55901 CVE-2024-57938 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

5.5CVSS5.8AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/21 12:9 p.m.5 views

CVE-2024-57938 net/sctp: Prevent autoclose integer overflow in sctp_association_init()

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

7.7AI score0.00207EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.3 views

Linux kernel 输入验证错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the sctpassociationinit function in the net/sctp module that could trigger an integer overflow, which could...

5.5CVSS6.5AI score0.00207EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.46 views

Amazon Linux AMI : kernel (ALAS-2023-1688)

The version of kernel installed on the remote host is prior to 4.14.262-135.486. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1688 advisory. 2024-04-30: CVE-2023-0047 was removed from this advisory rejected. 2024-02-01: CVE-2023-0047 was added to this...

7.4CVSS6.7AI score0.06846EPSS
Exploits1References22
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.5 views

SUSE CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS7.3AI score0.09828EPSS
Exploits0References12
OSV
OSV
added 2015/03/16 10:59 a.m.3 views

DEBIAN-CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS8.2AI score0.09828EPSS
Exploits0References1
Rows per page
Query Builder