The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 02:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2016-11-28 03:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-9555
Mitre link : CVE-2016-9555
CVE.ORG link : CVE-2016-9555
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-125
Out-of-bounds Read