On Mon, Aug 28, 2023 at 07:12:55PM -0300, Wander Lairson Costa wrote:
> sctp_mt_check doesn't validate the flag_count field. An attacker can
> take advantage of that to trigger a OOB read and leak memory
> information.
>
> Add the field validation in the checkentry function.
Applied to nf, thanks