CVE-2021-3772: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-3772 is a vulnerability discovered in the Linux SCTP (Stream Control Transmission Protocol) stack. The vulnerability was disclosed in September 2021 and affects Linux kernel versions prior to 5.15.0. The flaw allows a blind attacker to terminate existing SCTP associations through invalid chunks if they know the IP addresses and port numbers being used and can send packets with spoofed IP addresses (Ubuntu Security, CVE Mitre).

The vulnerability stems from missing VTAG verification for received chunks and incorrect VTAG handling for ABORT responses to invalid chunks. The issue lies in the SCTP protocol implementation's verification process, where it fails to properly verify VTAGs (Verification Tags) in certain situations. This flaw was addressed through patches that ensure proper VTAG verification is performed first when processing received chunks, with specific exceptions for certain chunk types like INIT, COOKIEECHO, and SHUTDOWNACK (Kernel Commit). The vulnerability has been assigned a CVSS v3 score of 6.5 (Medium) (NVD).

When successfully exploited, this vulnerability allows an attacker to cause a denial of service by forcibly terminating existing SCTP connections (connection disassociation). The impact is limited to SCTP protocol users, but could affect service availability for applications relying on SCTP connections (Ubuntu Security, Red Hat Bugzilla).

The vulnerability has been fixed in multiple Linux distributions through kernel updates. Ubuntu has released fixes for versions 21.10 (5.13.0-28.31), 20.04 LTS (5.4.0-117.132), 18.04 LTS (4.15.0-184.194), and 16.04 LTS (4.4.0-239.273). Red Hat has addressed the issue in RHSA-2022:1975 and RHSA-2022:1988. Organizations should apply these kernel updates to protect against this vulnerability (Ubuntu Security).