27 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000724 advisory. The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a deni...

7.1 CVSS · 6.4 AI score · 0.12777 EPSS · Exploits 0 · References 25
SUSE CVE
added 2025/09/17 11:31 p.m., 2 views

SUSE CVE-2022-50243

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctp_auth_asoc_init_active_key. When it returns an error from sctp_auth_asoc_init_active_key, the active_key is actually not updated. The old sh_key will be freed while it's still used as active key in...

5.5 CVSS · 6.5 AI score · 0.00022 EPSS · Exploits 0 · References 3
CVE
added 2025/09/15 2:1 p.m., 17 views

CVE-2022-50243

CVE-2022-50243 – Linux kernel SCTP use-after-free (summary from connected advisories) The vulnerability arises in SCTP when an error is returned from sctp_auth_asoc_init_active_key(): the old sh_key could be freed while still in use as the active key, leading to a use-after-free during packet sen...

7.8 CVSS · 6.1 AI score · 0.00022 EPSS · Exploits 0 · References 7 · Affected Software 1
CNNVD
added 2025/09/15 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the sctp_auth_asoc_init_active_key error, which could lead to use after free...

7.8 CVSS · 5.2 AI score · 0.00022 EPSS · Exploits 0 · References 8
RedhatCVE
added 2025/05/22 5:27 a.m., 4 views

CVE-2019-15878

In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key...

7.8 CVSS · 6.6 AI score · 0.00053 EPSS · Exploits 0 · References 1
SUSE CVE
added 2023/02/15 6:6 a.m., 2 views

SUSE CVE-2008-4445

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which...

4.7 CVSS · 6.2 AI score · 0.00074 EPSS · Exploits 6 · References 4
Positive Technologies
added 2022/11/14 12:0 a.m., 3 views

PT-2022-35352 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75. Description: The issue is related to the handling of an error returned from sctp_auth_asoc_init_active_key. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

7.2 AI score · Exploits 0 · References 1
Veracode
added 2020/04/10 12:34 a.m., 32 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service (DoS). The vulnerability exists as a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH socket options could cause a kernel panic if the API was used when the extensi...

7.1 CVSS · 2.3 AI score · 0.03903 EPSS · Exploits 2 · References 24 · Affected Software 1
Veracode
added 2019/05/02 5:8 a.m., 30 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service (DoS). The vulnerability exists when SCTP authentication is enabled, when establishing an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association...

7.1 CVSS · 5.4 AI score · 0.12777 EPSS · Exploits 0 · References 32 · Affected Software 2
RedHat Linux
added 2015/05/27 12:7 p.m., 1 views

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

10 CVSS · 6.7 AI score · 0.1713 EPSS · Exploits 0 · References 4
Tenable Nessus
added 2014/10/22 12:0 a.m., 39 views

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

7.8 CVSS · 7.3 AI score · 0.12777 EPSS · Exploits 6 · References 12
Tenable Nessus
added 2014/10/20 12:0 a.m., 53 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2014-3083)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3083 advisory. - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817787 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 -...

7.8 CVSS · 7.2 AI score · 0.12777 EPSS · Exploits 1 · References 7
securityvulns
added 2014/09/29 12:0 a.m., 89 views

[USN-2359-1] Linux kernel vulnerabilities

Ubuntu Security Notice USN-2359-1, September 23, 2014: linux vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

5.4 CVSS · 0.3 AI score · 0.12777 EPSS · Exploits 3
Tenable Nessus
added 2014/09/24 12:0 a.m., 45 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2358-1)

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason...

7.1 CVSS · 6.9 AI score · 0.12777 EPSS · Exploits 3 · References 5
Tenable Nessus
added 2014/09/24 12:0 a.m., 62 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2359-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2359-1 advisory. Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this...

7.1 CVSS · 7 AI score · 0.12777 EPSS · Exploits 3 · References 5
OpenVAS
added 2014/09/24 12:0 a.m., 32 views

Ubuntu: Security Advisory (USN-2358-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1 CVSS · 7.4 AI score · 0.12777 EPSS · Exploits 3 · References 2
OSV
added 2014/09/23 8:51 p.m., 1 views

USN-2359-1 linux vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason...

7.1 CVSS · 6.8 AI score · 0.12777 EPSS · Exploits 3 · References 5
Ubuntu
added 2014/09/23 8:43 p.m., 73 views

USN-2358-1: Linux kernel (Trusty HWE) vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason...

7.1 CVSS · 6.9 AI score · 0.12777 EPSS · Exploits 3
Tenable Nessus
added 2014/09/03 12:0 a.m., 43 views

Ubuntu 10.04 LTS : linux vulnerabilities (USN-2332-1)

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Forster reported an error in the Linux kernel's syscall auditing on 32 bit...

7.1 CVSS · 6.6 AI score · 0.14138 EPSS · Exploits 1 · References 10
OpenVAS
added 2014/09/03 12:0 a.m., 49 views

Ubuntu: Security Advisory (USN-2332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1 CVSS · 7.4 AI score · 0.14138 EPSS · Exploits 1 · References 2