Out-of-bounds read in Linux kernel - CVE-2026-53246
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information or cause memory corruption.
The vulnerability exists due to an out-of-bounds read in sctp_unpack_cookie() and in the processing of the cached peer INIT chunk when a crafted COOKIE_ECHO chunk is handled. A remote attacker can send a specially crafted COOKIE_ECHO chunk with an inflated cached INIT chunk length to disclose sensitive information or cause memory corruption.
The issue occurs in a listening SCTP server while walking parameters from the cached peer INIT chunk embedded after the cookie.
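The length validation this description calls for, sketched in user-space C as an added example (it is not the kernel's code or its patch): the declared length of the cached INIT chunk, and then of each parameter, is checked against the bytes actually received before anything is read. The function name, constants and sample bytes are assumptions made for illustration; the header layout follows the SCTP chunk and parameter format in RFC 9260.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CHUNK_HDR_LEN  4   /* type, flags, 16-bit length */
#define INIT_FIXED_LEN 16  /* init tag, a_rwnd, out/in streams, initial TSN */
#define PARAM_HDR_LEN  4   /* 16-bit type, 16-bit length */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Hypothetical helper (not a kernel function): count the parameters of a cached
 * INIT chunk. `avail` is the number of bytes really present after the cookie.
 * Returns the parameter count, or -1 when a declared length does not fit. */
int walk_cached_init(const uint8_t *buf, size_t avail)
{
    const size_t min_len = CHUNK_HDR_LEN + INIT_FIXED_LEN;
    if (avail < min_len)
        return -1;
    size_t chunk_len = be16(buf + 2);
    /* The chunk's own length field is untrusted: bound it by what was received. */
    if (chunk_len < min_len || chunk_len > avail)
        return -1;
    size_t off = min_len;
    int count = 0;
    while (off < chunk_len) {
        if (chunk_len - off < PARAM_HDR_LEN)
            return -1;
        size_t plen = be16(buf + off + 2);
        if (plen < PARAM_HDR_LEN || plen > chunk_len - off)
            return -1;
        count++;
        off += (plen + 3) & ~(size_t)3; /* parameters are padded to 4 bytes */
    }
    return count;
}

/* Constructed sample: INIT chunk, length 28, carrying one 8-byte parameter. */
static const uint8_t sample_init[28] = {
    0x01, 0x00, 0x00, 0x1c,  0, 0, 0, 1,  0, 0, 0x10, 0x00,
    0, 1, 0, 1,  0, 0, 0, 1,  0x00, 0x05, 0x00, 0x08,  192, 0, 2, 1,
};

int main(void)
{
    printf("full buffer: %d\n", walk_cached_init(sample_init, sizeof sample_init));
    printf("short buffer: %d\n", walk_cached_init(sample_init, 24));
    return 0;
}
```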