Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2015-03-16 03:59
Updated : 2022-11-03 13:23
NVD link : CVE-2015-1421
Mitre link : CVE-2015-1421
JSON object : View
CWE
Products Affected
debian
- debian_linux
canonical
- ubuntu_linux
linux
- linux_kernel