CVE-2025-40331 in Linux정보

요약

\~에 의해 MITRE • 2025. 12. 09.

In the Linux kernel, the following vulnerability has been resolved:

sctp: Prevent TOCTOU out-of-bounds write

For the following path not holding the sock lock,

sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump()

make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

책임이 있는

Linux

예약하다

2025. 04. 16.

모더레이션

수락

항목

VDB-334917

EPSS

0.00209

출처

Do you need the next level of professionalism?

Upgrade your account now!