retired/CVE-2021-46999


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: sctp: do asoc update earlier in sctp_sf_do_dupcook_a
References:
Notes:
 carnil> Introduced in 145cb2f7177d ("sctp: Fix bundling of SHUTDOWN with COOKIE-ACK").
 carnil> Vulnerable versions: 4.19.123 5.4.41 5.6.13 5.7-rc3.
Bugs:
upstream: released (5.13-rc1) [35b4f24415c854cd718ccdf38dbea6297f010aae]
6.7-upstream-stable: N/A "Fixed before branching point"
6.6-upstream-stable: N/A "Fixed before branching point"
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.38) [f01988ecf3654f805282dce2d3bb9afe68d2691e]
4.19-upstream-stable: released (4.19.191) [d624f2991b977821375fbd56c91b0c91d456a697]
sid: released (5.10.38-1)
6.1-bookworm-security: N/A "Fixed before branching point"
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: released (4.19.194-1)