VYPR
Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Apr 15, 2026

CVE-2025-40331

CVE-2025-40331

Description

In the Linux kernel, the following vulnerability has been resolved:

sctp: Prevent TOCTOU out-of-bounds write

For the following path not holding the sock lock,

sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump()

make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

190

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.