CVE-2022-0322
Updated: 2022-06-22 14:29:57.153893
Description:
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
| Links | NIST | CIRCL | RHEL | Ubuntu |
Severity
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | LOW | 2.1 |
| CVSS Version 3.x | MEDIUM | 5.5 |
Status
| OS name | Project name | Version | Status | Errata | Last updated |
|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.342939 | |
| CentOS 8.4 ELS | kernel | 4.18.0-305.25.1 | Needs triage | 2022-05-11 02:24:57.833056 | |
| CentOS 8.5 ELS | kernel | 4.18.0-348.7.1 | Needs triage | 2022-05-11 02:25:05.207021 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.292715 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.246783 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | Ignored | 2022-06-26 11:38:50.527515 |
Statement
Will not fix: low score