Null Pointer Dereference Vulnerability in Linux Kernel's SCTP Network Protocol

Null Pointer Dereference Vulnerability in Linux Kernel's SCTP Network Protocol

CVE-2023-2177 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.