Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-22062— sctp: add mutual exclusion in proc_sctp_do_udp_port()

EPSS 0.11% · P29

Affected Version Matrix 16

VendorProductVersion RangeStatus
LinuxLinux046c052b475e7119b6a30e3483e2888fc606a2f8< 65ccb2793da7401772a3ffe85355c831b313c59faffected
046c052b475e7119b6a30e3483e2888fc606a2f8< 386507cb6fb7cdef598ddcb3f0fa37e6ca9e789daffected
046c052b475e7119b6a30e3483e2888fc606a2f8< b3598f53211ba1025485306de2733bdd241311a3affected
046c052b475e7119b6a30e3483e2888fc606a2f8< e5178bfc55b3a78000f0f8298e7ade88783ce581affected
046c052b475e7119b6a30e3483e2888fc606a2f8< efb8cb487be8f4ba6aaef616011d702d6a083ed1affected
046c052b475e7119b6a30e3483e2888fc606a2f8< d3d7675d77622f6ca1aae14c51f80027b36283f8affected
046c052b475e7119b6a30e3483e2888fc606a2f8< 10206302af856791fbcc27a33ed3c3eb09b2793daffected
5.11affected
… +8 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-22062

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
sctp: add mutual exclusion in proc_sctp_do_udp_port()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f] CPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653 Call Trace: <TASK> udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181 sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930 proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553 proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601 iter_file_splice_write+0x91c/0x1150 fs/splice.c:738 do_splice_from fs/splice.c:935 [inline] direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158 splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102 do_splice_direct_actor fs/splice.c:1201 [inline] do_splice_direct+0x174/0x240 fs/splice.c:1227 do_sendfile+0xafd/0xe50 fs/read_write.c:1368 __do_sys_sendfile64 fs/read_write.c:1429 [inline] __se_sys_sendfile64 fs/read_write.c:1415 [inline] __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于缺少互斥,可能导致空指针解引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 046c052b475e7119b6a30e3483e2888fc606a2f8 ~ 65ccb2793da7401772a3ffe85355c831b313c59f -
LinuxLinux 5.11 -

II. Public POCs for CVE-2025-22062

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-22062

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-04-16 · 127 CVEs total

CVE-2025-220408.8 HIGHksmbd: fix session use-after-free in multichannel connection
CVE-2025-220418.8 HIGHksmbd: fix use-after-free in ksmbd_sessions_deregister()
CVE-2025-22093drm/amd/display: avoid NPD when ASIC does not support DMUB
CVE-2025-22107net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()
CVE-2025-22106vmxnet3: unregister xdp rxq info in the reset path
CVE-2025-22105bonding: check xdp prog when set bond mode
CVE-2025-22104ibmvnic: Use kernel helpers for hex dumps
CVE-2025-22103net: fix NULL pointer dereference in l3mdev_l3_rcv
CVE-2025-22102Bluetooth: btnxpuart: Fix kernel panic during FW release
CVE-2025-22100drm/panthor: Fix race condition when gathering fdinfo group samples
CVE-2025-22101net: libwx: fix Tx L4 checksum
CVE-2025-22099drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init
CVE-2025-22097drm/vkms: Fix use after free and double free on init error
CVE-2025-22098drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set()
CVE-2025-22096drm/msm/gem: Fix error code msm_parse_deps()
CVE-2025-22095PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
CVE-2025-22094powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
CVE-2025-22083vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint
CVE-2025-22082iio: backend: make sure to NULL terminate stack buffer
CVE-2025-22081fs/ntfs3: Fix a couple integer overflows on 32bit systems

Showing top 20 of 127 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-22062

No comments yet

Leave a comment