Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23717
HistoryApr 10, 2020 - 12:34 a.m.

Information Disclosure

2020-04-1000:34:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
information disclosure
kernel
linux
sctp
vulnerability
boundary checks
specially crafted
ioctl request

EPSS

0

Percentile

10.4%

kernel is vulnerable to information disclosure. The vulnerability exists as missing boundary checks were reported in the Linux kernel SCTP implementation. This could, potentially, cause information disclosure via a specially crafted SCTP_HMAC_IDENT IOCTL request.

Affected configurations

Vulners
Node
-kernel-rtMatch2.6.24.7_74.el5rt
OR
-kernel-rtMatch2.6.24.7_74.el5rt
VendorProductVersionCPE
-kernel-rt2.6.24.7_74.el5rtcpe:2.3:a:-:kernel-rt:2.6.24.7_74.el5rt:*:*:*:*:*:*:*

References