Bug 2042822 (CVE-2022-0322) - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
Summary: CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-0322
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
: CVE-2021-3894 (view as bug list)
Depends On: Red Hat2020393 Red Hat2024909 2042823 Red Hat2042883 Red Hat2042884 Red Hat2042885 Red Hat2042886
Blocks: Embargoed2014939 Embargoed2033235 Red Hat2043152
TreeView+ depends on / blocked
 
Reported: 2022-01-20 08:20 UTC by Dhananjay Arunesh
Modified: 2022-06-16 11:24 UTC (History)
46 users (show)

Fixed In Version: kernel 5.15 rc6
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
Clone Of:
Environment:
Last Closed: 2022-05-11 15:45:52 UTC

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2022:2229 0 None None None 2022-05-12 11:27:17 UTC
Red Hat Product Errata RHBA-2022:4630 0 None None None 2022-05-18 11:47:02 UTC
Red Hat Product Errata RHBA-2022:4693 0 None None None 2022-05-19 05:11:28 UTC
Red Hat Product Errata RHBA-2022:4969 0 None None None 2022-06-08 18:40:35 UTC
Red Hat Product Errata RHBA-2022:5088 0 None None None 2022-06-16 11:23:59 UTC
Red Hat Product Errata RHSA-2022:1975 0 None None None 2022-05-10 14:41:08 UTC
Red Hat Product Errata RHSA-2022:1988 0 None None None 2022-05-10 14:47:15 UTC

Description Dhananjay Arunesh 2022-01-20 08:20:33 UTC 
A flaw was found in sctp_make_strreset_req in net/sctp/sm_make_chunk.c in SCTP network protocol in the Linux kernel. In this flaw, an attempt to use more buffer than was allocated triggers BUG_ON to cause a denial of service (DOS).

References:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c
Comment 1 Dhananjay Arunesh 2022-01-20 08:22:02 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2042823]
Comment 6 Justin M. Forbes 2022-01-20 14:55:43 UTC 
This was fixed for Fedora with the 5.14.14 stable kernel updates.
Comment 9 Rohit Keshri 2022-03-02 14:21:20 UTC 
*** Bug 2014970 has been marked as a duplicate of this bug. ***
Comment 10 errata-xmlrpc 2022-05-10 14:41:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:1975 https://access.redhat.com/errata/RHSA-2022:1975
Comment 11 errata-xmlrpc 2022-05-10 14:47:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:1988 https://access.redhat.com/errata/RHSA-2022:1988
Comment 12 Product Security DevOps Team 2022-05-11 15:45:47 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-0322
Note You need to log in before you can comment on or make changes to this bug.