Vulnerability in Linux

CVE-2025-40187

In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_auth…

EPSS: 0.002 (8.1th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b, 4.17, 0

References