{"id":"CVE-2021-3772","details":"A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.","modified":"2026-04-16T04:32:29.480086729Z","published":"2022-03-02T23:15:09.127Z","related":["ALSA-2022:1988","SUSE-SU-2021:14849-1","SUSE-SU-2021:3640-1","SUSE-SU-2021:3641-1","SUSE-SU-2021:3642-1","SUSE-SU-2021:3658-1","SUSE-SU-2021:3675-1","SUSE-SU-2021:3723-1","SUSE-SU-2021:3754-1","SUSE-SU-2021:3848-1","SUSE-SU-2021:3876-1","SUSE-SU-2021:3929-1","SUSE-SU-2021:3935-1","SUSE-SU-2021:3969-1","SUSE-SU-2021:3972-1","openSUSE-SU-2021:1477-1","openSUSE-SU-2021:3641-1","openSUSE-SU-2021:3675-1","openSUSE-SU-2021:3876-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20221007-0001/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5096"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2000694"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"},{"type":"FIX","url":"https://ubuntu.com/security/CVE-2021-3772"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"32f8807a48ae55be0e76880cfe8607a18b5bb0df"}]},{"type":"GIT","repo":"https://github.com/torvalds/linux","events":[{"introduced":"0"},{"fixed":"32f8807a48ae55be0e76880cfe8607a18b5bb0df"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"32f8807a48ae55be0e76880cfe8607a18b5bb0df"}]},{"type":"GIT","repo":"https://github.com/torvalds/linux","events":[{"introduced":"0"},{"fixed":"32f8807a48ae55be0e76880cfe8607a18b5bb0df"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.20"}]},{"events":[{"introduced":"0"},{"last_affected":"11.25"}]},{"events":[{"introduced":"0"},{"last_affected":"11.30"}]},{"events":[{"introduced":"0"},{"last_affected":"11.30.5r3"}]},{"events":[{"introduced":"0"},{"last_affected":"11.40"}]},{"events":[{"introduced":"0"},{"last_affected":"11.40.3r2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.40.5"}]},{"events":[{"introduced":"0"},{"last_affected":"11.50.1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.50.2-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"11.50.2-p1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.60"}]},{"events":[{"introduced":"0"},{"last_affected":"11.60.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.60.1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.60.3"}]},{"events":[{"introduced":"0"},{"last_affected":"11.70.1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.70.2"}]},{"events":[{"introduced":"0"},{"last_affected":"invalid"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3772.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}]}