CVE-2024-0639

Medium

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP…

redhat·CWE-833·Published 2024-01-17

CVSS

5.5

EPSS

0.00

KEV

Exploits

cve.orgen

252 chars

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

NVDen

252 chars

NVDes

305 chars

Se encontró una vulnerabilidad de denegación de servicio debido a un punto muerto en sctp_auto_asconf_init en net/sctp/socket.c en el subsistema SCTP del kernel de Linux. Esta falla permite a los invitados con privilegios de usuario local desencadenar un punto muerto y potencialmente bloquear el sistema.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.5	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3.1	Primary	NVD	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H