EUVD-2025-29602

Malicious code in bioql PyPI...

AZL-74706 CVE-2025-39812 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

AZL-67413 CVE-2025-39812 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

CVE-2025-39812

CVE-2025-39812: In the Linux kernel SCTP implementation, the vulnerability stems from not initializing sin6_scope_id in sctp_v6_from_sk(), which can cause undefined behavior. The fix clears sin6_scope_id and sin6_flowinfo to prevent use of uninitialized data in the IPv6 SCTP path. Affected contex...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing the sin6scopeid and sin6flowinfo fields, which could lead to undefined behavior...