QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-40187

Back to search

CVE-2025-40187

Published: Nov 12, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.

VendorProductVersions

Linux

Linux

affected
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b - < 1014b83778c8677f1d7a57c26dc728baa801ac62
affected
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b - < 7f702f85df0266ed7b5bab81ba50394c92f3c928
affected
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b - < dbceedc0213e75bf3e9f9f9e2f66b10699d004fe
affected
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b - < 025419f4e216a3ae0d0cec622262e98e8078c447
affected
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b - < c21f45cfa4a9526b34d76b397c9ef080668b6e73

+3 more versions

Linux

Linux

affected
4.17
unaffected
0 - < 4.17
unaffected
5.4.301 - <= 5.4.*
unaffected
5.10.246 - <= 5.10.*
unaffected
5.15.195 - <= 5.15.*

+5 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now