cve/2019/CVE-2019-20503.md

CVE-2019-20503

Description

usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.

POC

Reference

• http://seclists.org/fulldisclosure/2020/May/52
• http://seclists.org/fulldisclosure/2020/May/52
• http://seclists.org/fulldisclosure/2020/May/55
• http://seclists.org/fulldisclosure/2020/May/55
• http://seclists.org/fulldisclosure/2020/May/59
• http://seclists.org/fulldisclosure/2020/May/59
• https://usn.ubuntu.com/4328-1/
• https://usn.ubuntu.com/4328-1/

Github

• https://github.com/allpaca/chrome-sbx-db