PT-2022-6572 · Linux+5 · Linux Kernel+5

Wei Chen

Published

2022-07-25

Updated

2025-03-18

CVE-2023-2177

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream sched.c. If stream in allocation fails, stream out is freed and would further be accessed. This could allow a local user to crash the system or potentially cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2022-2497

ALT-PU-2022-2523

ALT-PU-2022-2915

ALT-PU-2022-2919

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

AZL-26316

BDU:2023-02525

CESA-2023_2736

CESA-2023_2951

CVE-2023-2177

OESA-2023-1276

OESA-2023-1277

OESA-2023-1284

OPENSUSE-SU-2023_3988-1

OPENSUSE-SU-2023_4057-1

OPENSUSE-SU-2023_4058-1

OPENSUSE-SU-2023_4071-1

OPENSUSE-SU-2023_4072-1

OPENSUSE-SU-2023_4072-2

RHSA-2023:2148

RHSA-2023:2458

RHSA-2023:2736

RHSA-2023:2951

RHSA-2023:7398

RHSA-2023_2148

RHSA-2023_2458

RHSA-2023_2736

RHSA-2023_2951

SUSE-SU-2023:3988-1

SUSE-SU-2023:4030-1

SUSE-SU-2023:4057-1

SUSE-SU-2023:4058-1

SUSE-SU-2023:4071-1

SUSE-SU-2023:4072-1

SUSE-SU-2023:4072-2

SUSE-SU-2023:4093-1

SUSE-SU-2023:4095-1

SUSE-SU-2023:4142-1

Affected Products

Alt Linux

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2022-6572 · Linux+5 · Linux Kernel+5

CVE-2023-2177

Weakness Enumeration

Related Identifiers

Affected Products

References · 269