CVE-2019-3874

Summary

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

Affected Software

VendorProductVersion RangeStatus
The Linux Foundationkernel3.10.x and 4.18.xaffected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CVE Program Container

Additional References

References