CVE-2025-39812
- Source
- https://cve.org/CVERecord?id=CVE-2025-39812
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39812.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-39812
- Downstream
- Related
- Published
- 2025-09-16T13:00:14.103Z
- Modified
- 2026-03-13T03:59:13.447254Z
- Summary
- sctp: initialize more fields in sctp_v6_from_sk()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sctp: initialize more fields in sctpv6from_sk()
syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior.
Clear sin6scopeid and sin6_flowinfo.
BUG: KMSAN: uninit-value in __sctpv6cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 __sctpv6cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 sctpinet6cmpaddr+0x4f2/0x510 net/sctp/ipv6.c:983 sctpbindaddrconflict+0x22a/0x3b0 net/sctp/bindaddr.c:390 sctpgetportlocal+0x21eb/0x2440 net/sctp/socket.c:8452 sctpgetport net/sctp/socket.c:8523 [inline] sctplistenstart net/sctp/socket.c:8567 [inline] sctpinetlisten+0x710/0xfd0 net/sctp/socket.c:8636 __syslistensocket net/socket.c:1912 [inline] __sys_listen net/socket.c:1927 [inline] __dosyslisten net/socket.c:1932 [inline] __sesyslisten net/socket.c:1930 [inline] _x64syslisten+0x343/0x4c0 net/socket.c:1930 x64syscall+0x271d/0x3e20 arch/x86/include/generated/asm/syscalls64.h:51 dosyscallx64 arch/x86/entry/syscall64.c:63 [inline] dosyscall64+0xd9/0x210 arch/x86/entry/syscall64.c:94 entrySYSCALL64afterhwframe+0x77/0x7f
Local variable addr.i.i created at: sctpgetport net/sctp/socket.c:8515 [inline] sctplistenstart net/sctp/socket.c:8567 [inline] sctpinetlisten+0x650/0xfd0 net/sctp/socket.c:8636 __syslistensocket net/socket.c:1912 [inline] __sys_listen net/socket.c:1927 [inline] __dosyslisten net/socket.c:1932 [inline] __sesyslisten net/socket.c:1930 [inline] __x64syslisten+0x343/0x4c0 net/socket.c:1930
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39812.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/17d6c7747045e9b802c2f5dfaba260d309d831ae
- https://git.kernel.org/stable/c/1bbc0c02aea1f1c405bd1271466889c25a1fe01b
- https://git.kernel.org/stable/c/2e8750469242cad8f01f320131fd5a6f540dbb99
- https://git.kernel.org/stable/c/45e4b36593edffb7bbee5828ae820bc10a9fa0f3
- https://git.kernel.org/stable/c/463aa96fca6209bb205f49f7deea3817d7ddaa3a
- https://git.kernel.org/stable/c/65b4693d8bab5370cfcb44a275b4d8dcb06e56bf
- https://git.kernel.org/stable/c/9546934c2054bba1bd605c44e936619159a34027
- https://git.kernel.org/stable/c/f6c2cc99fc2387ba6499facd6108f6543382792d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39812.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-39812
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed45e4b36593edffb7bbee5828ae820bc10a9fa0f3Fixed9546934c2054bba1bd605c44e936619159a34027Fixed17d6c7747045e9b802c2f5dfaba260d309d831aeFixed65b4693d8bab5370cfcb44a275b4d8dcb06e56bfFixed463aa96fca6209bb205f49f7deea3817d7ddaa3aFixed1bbc0c02aea1f1c405bd1271466889c25a1fe01bFixedf6c2cc99fc2387ba6499facd6108f6543382792dFixed2e8750469242cad8f01f320131fd5a6f540dbb99