Vulnerability in Linux

CVE-2025-40331

In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure n…

EPSS: 0.002 (10.2th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions 8f840e47f190cbe61a96945c13e9551048d42cef, 4.7, 0

References