From ${URL} : Secunia just announced this a local root in SCTP: https://secuniaresearch.flexerasoftware.com/secunia_research/2019-5/ There was a SCTP local root in the kernel due to a association list corruption. https://lore.kernel.org/netdev/20190201141522.GA20785@kroah.com/ In sctp_sendmesg(), when walking the list of endpoint associations, the association can be dropped from the list, making the list corrupt. Properly handle this by using list_for_each_entry_safe() Fixes: 4910280503f3 ("sctp: add support for snd flag SCTP_SENDALL process in sendmsg") This issue is in 4.17 up to 5.0rc6.
Patch is in 4.19.21, 4.20.8, 5.0