CVE-2015-1421

EPSS 17.1%

Published: 3/16/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-1421

Description

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

Affected packages (1)

Debian/linuxfrom 0, < 3.16.7-ckt4-3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1421