What is CVE-2021-3772?

CVE-2021-3772 is a medium-severity vulnerability in Linux Linux_kernel, classified under Improper Validation of Integrity Check Value. CVSS score: 6.5/10. Published 2022-03-02.

How severe is CVE-2021-3772?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Linux Linux_kernel

CVE-2021-3772

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with sp…

EPSS: 0.012 (64.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H.

Affected products

Linux Linux_kernel
Netapp E-series_santricity_os_controller — versions 11.0, 11.0.0, 11.20
Netapp H300s
Netapp H300s_firmware
Netapp H410c
Netapp H410c_firmware
Netapp H410s
Netapp H410s_firmware
Netapp H500s
Netapp H500s_firmware

Weakness classification (CWE)

CWE-354 — Improper Validation of Integrity Check Value

References

secalert@redhat.com (Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (Patch, Third Party Advisory)
secalert@redhat.com (Patch, Mailing List, Vendor Advisory)
secalert@redhat.com (Patch, Third Party Advisory)
secalert@redhat.com (mailing-list, Mailing List, Third Party Advisory)
secalert@redhat.com (vendor-advisory, Third Party Advisory)
secalert@redhat.com (Patch, Third Party Advisory)
secalert@redhat.com (Third Party Advisory)

Frequently asked questions

What is CVE-2021-3772?: CVE-2021-3772 is a medium-severity vulnerability in Linux Linux_kernel, classified under Improper Validation of Integrity Check Value. CVSS score: 6.5/10. Published 2022-03-02.
How severe is CVE-2021-3772?: Medium severity. CVSS v3 base score is 6.5 out of 10.