The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.9%.
Denial Of Service
Information Disclosure
Linux
Buffer Overflow
Linux Kernel
NVD
GitHub
CVSS 3.1
9.8
EPSS
26.9%