CVE-2025-40331

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-40331

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40331.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-40331

Downstream

BELL-CVE-2025-40331

DEBIAN-CVE-2025-40331

DLA-4404-1

DLA-4436-1

ECHO-672d-1397-7906

ROOT-OS-DEBIAN-12-CVE-2025-40331

ROOT-OS-DEBIAN-13-CVE-2025-40331

ROOT-OS-UBUNTU-2204-CVE-2025-40331

ROOT-OS-UBUNTU-2404-CVE-2025-40331

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0369-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

UBUNTU-CVE-2025-40331

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8096-1

USN-8096-2

USN-8096-3

USN-8096-4

USN-8100-1

openSUSE-SU-2026:20145-1

Related

Published

2025-12-09T04:09:48.196Z

Modified

2026-03-12T02:16:57.824096Z

Summary

sctp: Prevent TOCTOU out-of-bounds write

Details

In the Linux kernel, the following vulnerability has been resolved:

sctp: Prevent TOCTOU out-of-bounds write

For the following path not holding the sock lock,

sctpdiagdump() -> sctpforeachendpoint() -> sctpep_dump()

make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use).

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40331.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

8f840e47f190cbe61a96945c13e9551048d42cef

Fixed

b106a68df0650b694b254427cd9250c04500edd3

Fixed

3006959371007fc2eae4a078f823c680fa52de1a

Fixed

72e3fea68eac8d088e44c3dd954e843478e9240e

Fixed

584307275b2048991b2e8984962189b6cc0a9b85

Fixed

c9119f243d9c0da3c3b5f577a328de3e7ffd1b42

Fixed

2fe08fcaacb7eb019fa9c81db39b2214de216677

Fixed

89eac1e150dbd42963e13d23828cb8c4e0763196

Fixed

95aef86ab231f047bb8085c70666059b58f53c09

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40331.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.7.0

Fixed

5.4.302

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.247

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.197

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.159

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.117

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.58

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40331.json"