CVE-2022-48855 | Linux Kernel up to 5.16.14 SCTP Socket lib/iov_iter.c inet_sctp_diag_fill uninitialized pointer

CVE-2022-48855 | Linux Kernel up to 5.16.14 SCTP Socket lib/iov_iter.c inet_sctp_diag_fill uninitialized pointer

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.16.14. This issue affects the function inet_sctp_diag_fill in the library lib/iov_iter.c of the component SCTP Socket Handler. The manipulation leads to uninitialized pointer. The identification of this vulnerability is CVE-2022-48855. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.