Lucene search
K

12 matches found

SUSE CVE
SUSE CVE
added 2025/12/08 12:23 a.m.8 views

SUSE CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

6.4AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/07 9:55 p.m.3 views

CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

7CVSS5.5AI score0.00189EPSS
Exploits0References4
NVD
NVD
added 2025/12/06 10:15 p.m.5 views

CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

0.00189EPSS
Exploits0References9
CVE
CVE
added 2025/12/06 9:51 p.m.29 views

CVE-2025-40281

In the Linux kernel, CVE-2025-40281 affects SCTP in net/sctp/transport.c, where a shift-out-of-bounds could occur in sctp_transport_update_rto if rto_alpha_max/rto_beta_max were very large. The fix adds a run-time test to prevent regressions and includes READ_ONCE() annotations since sysctl value...

6AI score0.00189EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/06 9:51 p.m.18 views

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

0.00189EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/12/06 9:51 p.m.5 views

CVE-2025-40281

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

5.3AI score0.00189EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/11/25 12:37 p.m.8 views

kernel: sctp: linearize cloned gso packets in sctp_rcv

A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-13103

Malicious code in bioql PyPI...

7.3AI score0.00185EPSS
Exploits0References10
OSV
OSV
added 2025/05/01 1:15 p.m.3 views

UBUNTU-CVE-2025-23142

In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctpsendmsg re-uses associations and transports when possible by doing a lookup based on the socket endpoint and the message destination address, and then...

7.8CVSS6.3AI score0.00185EPSS
Exploits0References41
Cvelist
Cvelist
added 2025/05/01 12:55 p.m.14 views

CVE-2025-23142 sctp: detect and prevent references to a freed transport in sendmsg

In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctpsendmsg re-uses associations and transports when possible by doing a lookup based on the socket endpoint and the message destination address, and then...

0.00185EPSS
Exploits0References9
CVE
CVE
added 2025/05/01 12:55 p.m.140 views

CVE-2025-23142

CVE-2025-23142 details are not provided in the supplied documents; monitor for updates.

7.8CVSS6.9AI score0.00185EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2023/10/09 6:15 p.m.3 views

DEBIAN-CVE-2023-39193

A flaw was found in the Netfilter subsystem in the Linux kernel. The sctpmtcheck did not validate the flagcount field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...

6CVSS6AI score0.00415EPSS
Exploits0References1
Rows per page
Query Builder