A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux before 5.18. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service. Affected component: stcp protocol References: https://lore.kernel.org/netdev/CADvbK_dWMO0XdAf950Q14pUv99ahS1MRnOtppvosU2w33sO=kw@mail.gmail.com/T/ https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=181d8d2066c0
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-2177
This issue was fixed upstream in kernel version 5.19. The kernel packages as shipped in Red Hat Enterprise Linux 8 and 9 were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2023:2951 kernel-rt in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2023:2736 kernel in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2023:2458 kernel-rt in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2023:2148
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7398 https://access.redhat.com/errata/RHSA-2023:7398