Severity: Medium
Analysis Summary
A use-after-free error in the “sctp_sendmsg()” function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
Impact
Memory Corruption
Denial of Service
Affected Products
Linux Kernel
versions 4.20.x prior to 4.20.8
4.19.x prior to 4.19.21
Remediation
Update to version 4.20.8 or 4.19.21.