CVE-2025-40331

UNKNOWN 0.0

sctp: Prevent TOCTOU out-of-bounds write

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use).

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Dec 9, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

8f840e47f190cbe61a96945c13e9551048d42cef < b106a68df0650b694b254427cd9250c04500edd3 8f840e47f190cbe61a96945c13e9551048d42cef < 3006959371007fc2eae4a078f823c680fa52de1a 8f840e47f190cbe61a96945c13e9551048d42cef < 72e3fea68eac8d088e44c3dd954e843478e9240e 8f840e47f190cbe61a96945c13e9551048d42cef < 584307275b2048991b2e8984962189b6cc0a9b85 8f840e47f190cbe61a96945c13e9551048d42cef < c9119f243d9c0da3c3b5f577a328de3e7ffd1b42 8f840e47f190cbe61a96945c13e9551048d42cef < 2fe08fcaacb7eb019fa9c81db39b2214de216677 8f840e47f190cbe61a96945c13e9551048d42cef < 89eac1e150dbd42963e13d23828cb8c4e0763196 8f840e47f190cbe61a96945c13e9551048d42cef < 95aef86ab231f047bb8085c70666059b58f53c09

Linux / Linux

4.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗