3 matches found
CVE-2022-50243
CVE-2022-50243 – Linux kernel SCTP use-after-free (summary from connected advisories) The vulnerability arises in SCTP when an error is returned from sctp_auth_asoc_init_active_key(): the old sh_key could be freed while still in use as the active key, leading to a use-after-free during packet sen...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the sctpauthasocinitactivekey error, which could lead to reuse after release...
CVE-2019-15878
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key...