retired/CVE-2021-3772


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

Description: Invalid chunks may be used to remotely remove existing associations
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2000694
 https://lore.kernel.org/stable/20220315132009.2080417-1-ovidiu.panait@windriver.com/
 https://lore.kernel.org/stable/20220315132510.2088935-1-ovidiu.panait@windriver.com/
Notes:
 carnil> Fixed as well in 5.14.16 for 5.14.y series.
 carnil> One comit was missing in the initial 5.10.y series, the
 carnil> backport of eae578390804 ("sctp: fix the processing for INIT
 carnil> chunk"). Two commits were missing in the 4.19.y series
 carnil> initially, eae578390804 ("sctp: fix the processing for INIT
 carnil> chunk") and 438b95a7c98f ("sctp: fix the processing for
 carnil> INIT_ACK chunk").
Bugs:
upstream: released (5.15) [4f7019c7eb33967eb87766e0e4602b5576873680, eae5783908042a762c24e1bd11876edb91d314b1, 438b95a7c98f77d51cbf4db021f41b602d750a3f, a64b341b8695e1c744dd972b39868371b4f68f83, aa0f697e45286a6b5f0ceca9418acf54b9099d99, ef16b1734f0a176277b7bb9c71a6d977a6ef3998, 9d02831e517aa36ee6bdb453a0eb47bd49923fe3]
5.10-upstream-stable: released (5.10.77) [ad111d4435d85fd3eeb2c09692030d89f8862401, 8c50693d25e4ab6873b32bc3cea23b382a94d05f, dad2486414b5c81697aa5a24383fbb65fad13cae, 14c1e02b11c2233343573aff90766ef8472f27e7, c2442f721972ea7c317fbfd55c902616b3151ad5, a7112b8eeb14b3db21bc96abc79ca7525d77e129], released (5.10.107) [6056abc99b58fe55033577f3ad6e28d001a27641]
4.19-upstream-stable: released (4.19.215) [1f52dfacca7bb315d89f5ece5660b0337809798e, 86044244fc6f9eaec0070cb668e0d500de22dbba, 7bf2f6a30d1851c530ad5e4ee7e5c45fb6be0128, d9a4f990aab48dd5c134a9e76c7b651d404b05d3, 1ff3c379248ea579aa122d4ca245028e4bc9af23], released (4.19.236) [59e2c108bf5ff90db5310ce749f57e37f6d3da38, 0ad6f021f6c354ab8daf29ec10f3c2340918d5d3]
4.9-upstream-stable: released (4.9.289) [42ce7a69f8140783bab908dc29a93c0bcda315d5, 16d0bfb045abf587c72d46dfea56c20c4aeda927], needed
sid: released (5.14.16-1)
5.10-bullseye-security: released (5.10.84-1), released (5.10.113-1)
4.19-buster-security: released (4.19.232-1), released (4.19.235-1)
4.9-stretch-security: ignored "EOL"