CVE-2025-40187

UNKNOWN 0.0

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Nov 12, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 1014b83778c8677f1d7a57c26dc728baa801ac62 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 7f702f85df0266ed7b5bab81ba50394c92f3c928 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < dbceedc0213e75bf3e9f9f9e2f66b10699d004fe 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 025419f4e216a3ae0d0cec622262e98e8078c447 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < c21f45cfa4a9526b34d76b397c9ef080668b6e73 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < d0e8f1445c19b1786759ba72a38267e1449bab7e 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < badbd79313e6591616c1b78e29a9b71efed7f035 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 2f3119686ef50319490ccaec81a575973da98815

Linux / Linux

4.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗