Lucene search
K

4 matches found

NVD
NVD
added 2026/06/24 8:16 a.m.7 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS0.00126EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/12/10 12:26 a.m.3 views

SUSE CVE-2025-40331

In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...

5.5CVSS6.8AI score0.00209EPSS
Exploits0References28
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-49784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a time-of-check to time-of-use TOCTOU issue that can lead to an out-of-bounds write. This occurs in the sctp diag dump function, which calls sctp for each...

6.2AI score0.00209EPSS
Exploits0
OSV
OSV
added 2018/07/26 3:29 p.m.4 views

UBUNTU-CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

7.5CVSS6.6AI score0.03763EPSS
Exploits4References5
Rows per page
Query Builder