{"id":"CVE-2022-0322","details":"A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).","modified":"2026-03-15T22:43:18.516584Z","published":"2022-03-25T19:15:09.967Z","related":["ALSA-2022:1988","SUSE-SU-2022:0169-1","SUSE-SU-2022:0197-1","SUSE-SU-2022:0198-1","SUSE-SU-2022:0288-1","SUSE-SU-2022:0289-1","SUSE-SU-2022:0364-1","SUSE-SU-2022:0366-1","SUSE-SU-2022:0367-1","SUSE-SU-2022:0371-1","SUSE-SU-2022:0372-1","SUSE-SU-2022:0555-1","openSUSE-SU-2022:0169-1","openSUSE-SU-2022:0198-1","openSUSE-SU-2022:0366-1"],"references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042822"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0322.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.15"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}