{"id":"CVE-2025-39812","summary":"sctp: initialize more fields in sctp_v6_from_sk()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: initialize more fields in sctp_v6_from_sk()\n\nsyzbot found that sin6_scope_id was not properly initialized,\nleading to undefined behavior.\n\nClear sin6_scope_id and sin6_flowinfo.\n\nBUG: KMSAN: uninit-value in __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649\n  __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649\n  sctp_inet6_cmp_addr+0x4f2/0x510 net/sctp/ipv6.c:983\n  sctp_bind_addr_conflict+0x22a/0x3b0 net/sctp/bind_addr.c:390\n  sctp_get_port_local+0x21eb/0x2440 net/sctp/socket.c:8452\n  sctp_get_port net/sctp/socket.c:8523 [inline]\n  sctp_listen_start net/sctp/socket.c:8567 [inline]\n  sctp_inet_listen+0x710/0xfd0 net/sctp/socket.c:8636\n  __sys_listen_socket net/socket.c:1912 [inline]\n  __sys_listen net/socket.c:1927 [inline]\n  __do_sys_listen net/socket.c:1932 [inline]\n  __se_sys_listen net/socket.c:1930 [inline]\n  __x64_sys_listen+0x343/0x4c0 net/socket.c:1930\n  x64_sys_call+0x271d/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:51\n  do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n  do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nLocal variable addr.i.i created at:\n  sctp_get_port net/sctp/socket.c:8515 [inline]\n  sctp_listen_start net/sctp/socket.c:8567 [inline]\n  sctp_inet_listen+0x650/0xfd0 net/sctp/socket.c:8636\n  __sys_listen_socket net/socket.c:1912 [inline]\n  __sys_listen net/socket.c:1927 [inline]\n  __do_sys_listen net/socket.c:1932 [inline]\n  __se_sys_listen net/socket.c:1930 [inline]\n  __x64_sys_listen+0x343/0x4c0 net/socket.c:1930","modified":"2026-03-20T12:43:03.739015Z","published":"2025-09-16T13:00:14.103Z","related":["SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:21080-1","SUSE-SU-2025:21147-1","SUSE-SU-2025:21180-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4189-1","SUSE-SU-2025:4301-1","openSUSE-SU-2025:20091-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39812.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/17d6c7747045e9b802c2f5dfaba260d309d831ae"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1bbc0c02aea1f1c405bd1271466889c25a1fe01b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2e8750469242cad8f01f320131fd5a6f540dbb99"},{"type":"WEB","url":"https://git.kernel.org/stable/c/45e4b36593edffb7bbee5828ae820bc10a9fa0f3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/463aa96fca6209bb205f49f7deea3817d7ddaa3a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/65b4693d8bab5370cfcb44a275b4d8dcb06e56bf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9546934c2054bba1bd605c44e936619159a34027"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f6c2cc99fc2387ba6499facd6108f6543382792d"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39812.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39812"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"45e4b36593edffb7bbee5828ae820bc10a9fa0f3"},{"fixed":"9546934c2054bba1bd605c44e936619159a34027"},{"fixed":"17d6c7747045e9b802c2f5dfaba260d309d831ae"},{"fixed":"65b4693d8bab5370cfcb44a275b4d8dcb06e56bf"},{"fixed":"463aa96fca6209bb205f49f7deea3817d7ddaa3a"},{"fixed":"1bbc0c02aea1f1c405bd1271466889c25a1fe01b"},{"fixed":"f6c2cc99fc2387ba6499facd6108f6543382792d"},{"fixed":"2e8750469242cad8f01f320131fd5a6f540dbb99"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39812.json"}}],"schema_version":"1.7.5"}