
CVE-2025-40187

In the Linux kernel, the following vulnerability has been resolved:

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0
and sctp_ulpevent_make_authkey() returns 0, then the variable
ai_ev remains zero and the zero will be dereferenced
in the sctp_ulpevent_free() function.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version bound | Version | Status |
|---|---|---|
| < 1014b83778c8677f1d7a57c26dc728baa801ac62 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < 7f702f85df0266ed7b5bab81ba50394c92f3c928 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < dbceedc0213e75bf3e9f9f9e2f66b10699d004fe | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < 025419f4e216a3ae0d0cec622262e98e8078c447 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < c21f45cfa4a9526b34d76b397c9ef080668b6e73 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < d0e8f1445c19b1786759ba72a38267e1449bab7e | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < badbd79313e6591616c1b78e29a9b71efed7f035 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |
| < 2f3119686ef50319490ccaec81a575973da98815 | 30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version bound | Version | Status |
|---|---|---|
| | 4.17 | affected |
| < 4.17 | 0 | unaffected |
| <= 5.4.* | 5.4.301 | unaffected |
| <= 5.10.* | 5.10.246 | unaffected |
| <= 5.15.* | 5.15.195 | unaffected |
| <= 6.1.* | 6.1.157 | unaffected |
| <= 6.6.* | 6.6.113 | unaffected |
| <= 6.12.* | 6.12.54 | unaffected |
| <= 6.17.* | 6.17.4 | unaffected |
| <= * | 6.18 | unaffected |

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics
Type Source Score Percentile
EPSS FIRST.org 0.06% 0.193
CVSS Metrics
Quelle Base Score Exploit Score Impact Score Vector String