AZL-74706
See a problem?- Import Source
- https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-74706.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/AZL-74706
- Upstream
- Published
- 2025-09-16T13:15:54Z
- Modified
- 2026-04-01T05:22:45.497139Z
- Summary
- CVE-2025-39812 affecting package kernel for versions less than 5.15.200.1-1
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sctp: initialize more fields in sctpv6from_sk()
syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior.
Clear sin6scopeid and sin6_flowinfo.
BUG: KMSAN: uninit-value in __sctpv6cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 __sctpv6cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 sctpinet6cmpaddr+0x4f2/0x510 net/sctp/ipv6.c:983 sctpbindaddrconflict+0x22a/0x3b0 net/sctp/bindaddr.c:390 sctpgetportlocal+0x21eb/0x2440 net/sctp/socket.c:8452 sctpgetport net/sctp/socket.c:8523 [inline] sctplistenstart net/sctp/socket.c:8567 [inline] sctpinetlisten+0x710/0xfd0 net/sctp/socket.c:8636 __syslistensocket net/socket.c:1912 [inline] __sys_listen net/socket.c:1927 [inline] __dosyslisten net/socket.c:1932 [inline] __sesyslisten net/socket.c:1930 [inline] _x64syslisten+0x343/0x4c0 net/socket.c:1930 x64syscall+0x271d/0x3e20 arch/x86/include/generated/asm/syscalls64.h:51 dosyscallx64 arch/x86/entry/syscall64.c:63 [inline] dosyscall64+0xd9/0x210 arch/x86/entry/syscall64.c:94 entrySYSCALL64afterhwframe+0x77/0x7f
Local variable addr.i.i created at: sctpgetport net/sctp/socket.c:8515 [inline] sctplistenstart net/sctp/socket.c:8567 [inline] sctpinetlisten+0x650/0xfd0 net/sctp/socket.c:8636 __syslistensocket net/socket.c:1912 [inline] __sys_listen net/socket.c:1927 [inline] __dosyslisten net/socket.c:1932 [inline] __sesyslisten net/socket.c:1930 [inline] __x64syslisten+0x343/0x4c0 net/socket.c:1930
- References