QwikSec

Security Database

CVE

CWE

Training

CVE-2022-0322

Published: Mar 25, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

Vendor	Product	Versions
n/a	kernel	affected `kernel 5.15 rc6`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2042822

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.