CVE-2025-40187

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 1014b83778c8677f1d7a57c26dc728baa801ac62affected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 7f702f85df0266ed7b5bab81ba50394c92f3c928affected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < dbceedc0213e75bf3e9f9f9e2f66b10699d004feaffected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 025419f4e216a3ae0d0cec622262e98e8078c447affected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < c21f45cfa4a9526b34d76b397c9ef080668b6e73affected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < d0e8f1445c19b1786759ba72a38267e1449bab7eaffected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < badbd79313e6591616c1b78e29a9b71efed7f035affected
LinuxLinux30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b < 2f3119686ef50319490ccaec81a575973da98815affected
LinuxLinux4.17affected
LinuxLinux0 < 4.17unaffected
LinuxLinux5.4.301 <= 5.4.*unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.157 <= 6.1.*unaffected
LinuxLinux6.6.113 <= 6.6.*unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References