active/CVE-2021-3655


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: missing size validations on inbound SCTP packets
References:
Notes:
 carnil> Additional bugfix "sctp: fix return value check in
 carnil> __sctp_rcv_asconf_lookup" required.
Bugs:
upstream: released (5.14-rc1) [0c5dc070ff3d6246d22ddd931f23a6266249e3db, 50619dbf8db77e98d821d615af4f634d08e22698, b6ffe7671b24689c09faa5675dd58f93758a97ae, ef6c8d6ccf0c1dccdda092ebe8782777cd7803c9]
5.10-upstream-stable: released (5.10.51) [d4dbef7046e24669278eba4455e9e8053ead6ba0, 6ef81a5c0e22233e13c748e813c54d3bf0145782]
4.19-upstream-stable: released (4.19.198) [c7a03ebace4f9cd40d9cd9dd5fb2af558025583c, dd16e38e1531258d332b0fc7c247367f60c6c381]
4.9-upstream-stable: released (4.9.276) [c7da1d1ed43a6c2bece0d287e2415adf2868697e]
sid: released (5.10.46-3) [bugfix/all/sctp-validate-from_addr_param-return.patch, bugfix/all/sctp-add-size-validation-when-walking-chunks.patch]
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: needed
4.9-stretch-security: pending (4.9.282-1)