CVE-2021-3655

Low

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow…

redhat·CWE-909·Published 2021-08-05

CVSS

3.3

EPSS

0.00

KEV

Exploits

cve.orgen

177 chars

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

NVDen

177 chars

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

Se ha detectado una vulnerabilidad en el kernel de Linux en versiones anteriores a v5.14-rc1.Una falta de comprobaciones de tamaño en los paquetes SCTP entrantes puede permitir al kernel leer la memoria no inicializada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N