CVE-2024-0639 | Linux Kernel up to 6.4 SCTP net/sctp/socket.c sctp_auto_asconf_init deadlock

Inserito da Angelo Barbosa | Gen 17, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.4. Affected by this issue is the function sctp_auto_asconf_init of the file net/sctp/socket.c of the component SCTP. The manipulation leads to deadlock.

This vulnerability is handled as CVE-2024-0639. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-0639 | Linux Kernel up to 6.4 SCTP net/sctp/socket.c sctp_auto_asconf_init deadlock

Post correlati

CVE-2024-30687 | ROS2 Iron Irwini deserialization

CVE-2024-27314 | Zoho ManageEngine ServiceDesk Plus up to 14729 Custom Actions Menu cross site scripting

CVE-2024-36012 | Linux Kernel up to 6.1.90/6.6.30/6.8.9 Bluetooth kernel/locking/mutex.c msft_do_close use after free

CVE-2024-20383 | Cisco Secure Email/Web Manager cross site scripting (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)