๐Ÿ” CVE Alert

CVE-2026-15422

UNKNOWN 0.0

SCTP needs to better-check INIT ACK chunk parameters

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

The illumos SCTP inbound path performs association lookup for INIT ACK chunks without adequately validating the address parameters carried in the chunk. Since this lookup runs during packet classification (i.e. before SCTP integrity checks or IPsec policy are applied) a remote, unauthenticated attacker can send a crafted SCTP INIT ACK packet with malformed address parameters to cause an out-of-bounds access and kernel heap corruption, which may lead to remote code execution. The flaw has existed since 2010 (illumos-gate commit a5407c02), and affects any illumos distribution prior to illumos-gate commit 53a3efde.

CWE CWE-122 CWE-787
Vendor illumos
Product illumos-gate
Published Jul 16, 2026
Stay Ahead of the Next One

Get instant alerts for illumos illumos-gate

Be the first to know when new unknown vulnerabilities affecting illumos illumos-gate are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

illumos / illumos-gate
a5407c02d5ed61b29481b9b71f1307d7ebec9e5c < 53a3efdeff8e6745bbfb69c5360f94962fb79e75
OmniOS / OmniOS
r151058 < r151058j r151056 < r151056aj r151054 < r151054bj any < r151054
Triton Data Center / SmartOS
any < 202060709

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
illumos.topicbox.com: https://illumos.topicbox.com/groups/developer/Ta1a8e2e1f7f928df/18117-sctp-needs-to-better-check-init-ack-chunk-parameters illumos.org: https://illumos.org/issues/18117 github.com: https://github.com/illumos/illumos-gate/commit/53a3efdeff8e6745bbfb69c5360f94962fb79e75

Credits

Sourque Dan McDonald