Buffer overflow in Illumos Illumos-gate
CVE-2026-15422
The illumos SCTP inbound path performs association lookup for INIT ACK chunks without adequately validating the address parameters carried in the chunk. Since this lookup runs during packet classification (i.e. before SCTP integrity checks…
Vulnerability class: Buffer Overflow
Affected products
- Illumos Illumos-gate — versions a5407c02d5ed61b29481b9b71f1307d7ebec9e5c
- Omnios — versions r151058, r151056, r151054
- Triton Data Center Smartos — versions any
Weakness classification (CWE)
References
- 0ca53633-f0b5-4853-ba72-e0a2e62000d0 (mailing-list)
- 0ca53633-f0b5-4853-ba72-e0a2e62000d0 (issue-tracking)
- 0ca53633-f0b5-4853-ba72-e0a2e62000d0 (patch)