4 matches found
CVE-2026-52917
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...
SUSE CVE-2025-40331
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...
PT-2025-49784
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a time-of-check to time-of-use TOCTOU issue that can lead to an out-of-bounds write. This occurs in the sctp diag dump function, which calls sctp for each...
UBUNTU-CVE-2017-7558
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...