Remote Yes

Type Information disclosure

Description

A vulnerability was found in the Linux kernel. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

AVG-1881 linux-hardened 5.12.17.hardened1-1 Medium Vulnerable

AVG-1880 linux-zen 5.13.1.zen1-1 Medium Vulnerable

AVG-1879 linux 5.13.1.arch4-1 Medium Vulnerable

AVG-1741 linux-lts 5.10.51-1 Medium Vulnerable

https://bugzilla.redhat.com/show_bug.cgi?id=1984024
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=0c5dc070ff3d6246d22ddd931f23a6266249e3db
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=50619dbf8db77e98d821d615af4f634d08e22698
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b6ffe7671b24689c09faa5675dd58f93758a97ae
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ef6c8d6ccf0c1dccdda092ebe8782777cd7803c9
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.3&id=4ecabee69d190f2bd9bdc5140109a27231428413
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.3&id=92b74375a1bbf5f7f64f4ea98064a5ba62956bcc
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.18&id=d91adac26d5ebac78c731b3aa23ff2c210ce2a0d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.18&id=603f0eedf3b17df9e424c01bae25b94ae1091279
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.51&id=d4dbef7046e24669278eba4455e9e8053ead6ba0
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.51&id=6ef81a5c0e22233e13c748e813c54d3bf0145782