Bug 2266874 (CVE-2021-46999) - CVE-2021-46999 kernel: sctp: do asoc update earlier in sctp_sf_do_dupcook_a
Summary: CVE-2021-46999 kernel: sctp: do asoc update earlier in sctp_sf_do_dupcook_a
Status: NEW
Alias: CVE-2021-46999
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Product Security
QA Contact:
Depends On: 2266875
Blocks: 2266939
TreeView+ depends on / blocked
Reported: 2024-02-29 08:01 UTC by Avinash Hanwate
Modified: 2024-06-09 13:19 UTC (History)
50 users (show)

Fixed In Version: kernel 4.19.191, kernel 5.4.120, kernel 5.10.38, kernel 5.11.22, kernel 5.12.5, kernel 5.13
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:

Attachments (Terms of Use)

Description Avinash Hanwate 2024-02-29 08:01:25 UTC
In the Linux kernel, the following vulnerability has been resolved:

sctp: do asoc update earlier in sctp_sf_do_dupcook_a

The Linux kernel CVE team has assigned CVE-2021-46999 to this issue.

Upstream advisory:

Comment 1 Avinash Hanwate 2024-02-29 08:01:59 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2266875]

Comment 5 Justin M. Forbes 2024-03-01 21:38:39 UTC
This was fixed for Fedora with the 5.12.5 stable kernel updates.

Comment 6 Alex 2024-06-09 13:19:06 UTC
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2021-46999 is: 	SKIP	The Fixes patch not applied yet, so unlikely that actual: 145cb2f7177d94bc54563ed26027e952ee0ae03c	YES			NO	YES	unknown (where first YES/NO value means if related sources built).

Note You need to log in before you can comment on or make changes to this bug.