CVE-2015-1421
EPSS 17.1%發布日:2015/3/16修改日:2026/4/28
描述
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
受影響套件(1)
- Debian/linuxfrom 0, < 3.16.7-ckt4-3