Vulnerability in Linux

CVE-2025-40204

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

EPSS: 0.002 (6.8th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 2.6.12, 0

References