Skip to main content
CVE-2016-9555 CRITICAL PATCH Act Now

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.9%.

Denial Of Service Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
9.8
EPSS
26.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy