VYPR
Unrated severityNVD Advisory· Published Nov 12, 2025· Updated Apr 15, 2026

CVE-2025-40187

CVE-2025-40187

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

101

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.