Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
4.13.0-16.193.11.0-12.194.2.0-16.194.4.0-1002.24.4.0-1001.104.15.0-1001.14.15.0-1030.31~16.04.14.15.0-1023.24~14.04.14.11.0-1009.94.15.0-1002.24.15.0-1003.34.15.0-1004.44.15.0-1008.84.15.0-1009.94.15.0-1012.124.15.0-1013.134.15.0-1014.144.15.0-1018.184.15.0-1019.19+13 more4.18.0-1014.14~18.04.14.4.0-9019.204.15.0-1001.14.10.0-1004.44.18.0-1004.5~18.04.14.18.0-1005.6~18.04.14.18.0-1006.7~18.04.14.18.0-1007.8~18.04.14.18.0-1008.9~18.04.14.8.0-36.36~16.04.14.18.0-13.14~18.04.14.18.0-14.15~18.04.14.18.0-15.16~18.04.14.18.0-16.17~18.04.14.18.0-17.18~18.04.14.15.0-1002.24.4.0-1004.94.4.0-13.29~14.04.14.15.0-1002.34.15.0-1007.9~16.04.14.15.0-1007.94.2.0-1013.194.13.0-1005.54.4.0-1012.12Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H