CNNVD-202512-756 Information
CNNVD ID
CNNVD-202512-756
Related CVE
- CNNVD Published: 2025-12-06
Description (Chinese)
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于sctp未正确处理rto_alpha和rto_beta值,可能导致移位越界。
Description (English)
Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. Linux Kernel had a security loophole, which stemmed from the sctp ’ s incorrect handling of the rto alpha and rto beta values, which could lead to transmigration.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Linux
Published
2025-12-06
Last Modified
2026-02-24
References
https://git.kernel.org/stable/c/aaba523dd7b6106526c24b1fd9b5fc35e5aaa88d https://git.kernel.org/stable/c/1534ff77757e44bcc4b98d0196bc5c0052fce5fa https://git.kernel.org/stable/c/abb086b9a95d0ed3b757ee59964ba3c4e4b2fc1a https://git.kernel.org/stable/c/ed71f801249d2350c77a73dca2c03918a15a62fe https://git.kernel.org/stable/c/d0d858652834dcf531342c82a0428170aa7c2675 https://git.kernel.org/stable/c/0e0413e3315199b23ff4aec295e256034cd0a6e4 https://git.kernel.org/stable/c/1cfa4eac275cc4875755c1303d48a4ddfe507ca8 https://git.kernel.org/stable/c/834e65be429c0fa4f9bb5945064bd57f18ed2187 https://access.redhat.com/security/cve/cve-2025-40281 https://vigilance.fr/vulnerability/Linux-kernel-multiple-vulnerabilities-dated-08-12-2025-49010 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40281