CVE-2025-40331 in Linuxالمعلومات

الملخص

بحسب MITRE • 09/12/2025

In the Linux kernel, the following vulnerability has been resolved:

sctp: Prevent TOCTOU out-of-bounds write

For the following path not holding the sock lock,

sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump()

make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

مسؤول

Linux

حجز

16/04/2025

إفشاء

09/12/2025

الاعتدال

تمت الموافقة

إدخال

VDB-334917

EPSS

0.00209

KEV

لا

النشاطات

منخفض جدًا

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!