Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2022-0322

Updated: 2022-06-22 14:29:57.153893

Description:

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 2.1
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 Ignored 2022-06-26 11:38:50.342939
CentOS 8.4 ELS kernel 4.18.0-305.25.1 Needs triage 2022-05-11 02:24:57.833056
CentOS 8.5 ELS kernel 4.18.0-348.7.1 Needs triage 2022-05-11 02:25:05.207021
CloudLinux 6 ELS kernel 2.6.32 Ignored 2022-06-26 11:38:50.292715
Oracle Linux 6 ELS kernel 2.6.32 Ignored 2022-06-26 11:38:50.246783
Ubuntu 16.04 ELS linux 4.4.0 Ignored 2022-06-26 11:38:50.527515

Statement

Will not fix: low score