Wind River Support Network

HomeDefectsLIN1023-16848
Acknowledged

LIN1023-16848 : Security Advisory - linux - CVE-2025-40187

Created: Nov 12, 2025    Updated: Nov 26, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube