Security Advisory

CVE-2025-40187

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-12 21:56:29
Last updated 2026-05-11 21:44:26
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.