CVE-2026-53224

The CVE-2026-53224 entry pertains to the Linux kernel SCTP cookie parsing. The vulnerability arises because sctp_unpack_cookie() only validated that an embedded INIT chunk’s length did not exceed the remaining cookie payload, but did not ensure the INIT header fit, allowing a malformed COOKIE_ECH...

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...