SCTP Association Vulnerability in Linux Kernel
CVE-2026-46227

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46227?

A flaw has been identified in the way the Linux kernel handles SCTP associations, specifically related to the SCTP_SENDALL path in sctp_sendmsg(). The issue arises during the iteration over associations, where if the socket lock is dropped, a race condition can occur that results in stale references to cached data. This vulnerability can lead to a use-after-free scenario or type confusion, potentially allowing an attacker to execute arbitrary code through controlled indirect calls. The vulnerability highlights the need for careful re-validation of pointers after socket operations to prevent such weaknesses.

Affected Version(s)

Linux 4910280503f3af2857d5aa77e35b22d93a8960a8

Linux 4910280503f3af2857d5aa77e35b22d93a8960a8 < 0dbc8cde64280fc37cdd678cced34eaf96cfb197

Linux 4910280503f3af2857d5aa77e35b22d93a8960a8 < 0c7b55974f97b78d1109025eadf084e74cbf330f

References

https://git.kernel.org/stable/c/f3a3f0b406b4b7eb3cea35a23...

https://git.kernel.org/stable/c/0dbc8cde64280fc37cdd678cc...

https://git.kernel.org/stable/c/0c7b55974f97b78d1109025ea...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46227 Data

JSON