Lucene search

K
ubuntucveUbuntu.comUB:CVE-2016-9555
HistoryNov 27, 2016 - 12:00 a.m.

CVE-2016-9555

2016-11-2700:00:00
ubuntu.com
ubuntu.com
12

0.736 High

EPSS

Percentile

98.1%

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel
before 4.8.8 lacks chunk-length checking for the first chunk, which allows
remote attackers to cause a denial of service (out-of-bounds slab access)
or possibly have unspecified other impact via crafted SCTP data.

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
Rows per page:
1-10 of 131