2 matches found
CVE-2022-50243
CVE-2022-50243 – Linux kernel SCTP use-after-free (summary from connected advisories) The vulnerability arises in SCTP when an error is returned from sctp_auth_asoc_init_active_key(): the old sh_key could be freed while still in use as the active key, leading to a use-after-free during packet sen...
GSD-2022-1007527 sctp: handle the error returned from sctp_auth_asoc_init_active_key
sctp: handle the error returned from sctpauthasocinitactivekey This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...