{"id":"CVE-2025-40204","summary":"sctp: Fix MAC comparison to be constant-time","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.","modified":"2026-03-20T12:43:13.063825Z","published":"2025-11-12T21:56:35.110Z","related":["SUSE-SU-2025:4393-1","SUSE-SU-2025:4422-1","SUSE-SU-2025:4505-1","SUSE-SU-2025:4506-1","SUSE-SU-2025:4515-1","SUSE-SU-2025:4516-1","SUSE-SU-2025:4517-1","SUSE-SU-2025:4521-1","SUSE-SU-2025:4530-1","SUSE-SU-2026:0029-1","SUSE-SU-2026:0032-1","SUSE-SU-2026:0033-1","SUSE-SU-2026:0034-1","SUSE-SU-2026:0144-1","SUSE-SU-2026:0145-1","SUSE-SU-2026:0146-1","SUSE-SU-2026:0147-1","SUSE-SU-2026:0148-1","SUSE-SU-2026:0154-1","SUSE-SU-2026:0155-1","SUSE-SU-2026:0163-1","SUSE-SU-2026:0166-1","SUSE-SU-2026:0168-1","SUSE-SU-2026:0169-1","SUSE-SU-2026:0171-1","SUSE-SU-2026:0173-1","SUSE-SU-2026:0174-1","SUSE-SU-2026:0176-1","SUSE-SU-2026:0180-1","SUSE-SU-2026:0184-1","SUSE-SU-2026:0185-1","SUSE-SU-2026:0186-1","SUSE-SU-2026:0187-1","SUSE-SU-2026:0188-1","SUSE-SU-2026:0191-1","SUSE-SU-2026:0200-1","SUSE-SU-2026:0202-1","SUSE-SU-2026:0203-1","SUSE-SU-2026:0204-1","SUSE-SU-2026:0206-1","SUSE-SU-2026:0209-1","SUSE-SU-2026:0246-1","SUSE-SU-2026:0247-1","SUSE-SU-2026:0262-1","SUSE-SU-2026:0269-1","SUSE-SU-2026:0270-1","SUSE-SU-2026:0274-1","SUSE-SU-2026:0283-1","SUSE-SU-2026:0284-1","SUSE-SU-2026:20012-1","SUSE-SU-2026:20015-1","SUSE-SU-2026:20021-1","SUSE-SU-2026:20039-1","SUSE-SU-2026:20059-1","SUSE-SU-2026:20149-1","SUSE-SU-2026:20164-1","SUSE-SU-2026:20168-1","SUSE-SU-2026:20169-1","SUSE-SU-2026:20171-1","SUSE-SU-2026:20202-1","SUSE-SU-2026:20248-1","SUSE-SU-2026:20249-1","SUSE-SU-2026:20250-1","SUSE-SU-2026:20251-1","SUSE-SU-2026:20252-1","SUSE-SU-2026:20253-1","SUSE-SU-2026:20254-1","SUSE-SU-2026:20255-1","SUSE-SU-2026:20256-1","SUSE-SU-2026:20257-1","SUSE-SU-2026:20258-1","SUSE-SU-2026:20259-1","SUSE-SU-2026:20260-1","SUSE-SU-2026:20261-1","SUSE-SU-2026:20262-1","SUSE-SU-2026:20263-1","SUSE-SU-2026:20264-1","SUSE-SU-2026:20265-1","SUSE-SU-2026:20266-1","SUSE-SU-2026:20376-1","SUSE-SU-2026:20377-1","SUSE-SU-2026:20378-1","SUSE-SU-2026:20379-1","SUSE-SU-2026:20380-1","SUSE-SU-2026:20381-1","SUSE-SU-2026:20382-1","SUSE-SU-2026:20383-1","SUSE-SU-2026:20384-1","SUSE-SU-2026:20385-1","SUSE-SU-2026:20392-1","SUSE-SU-2026:20393-1","SUSE-SU-2026:20394-1","SUSE-SU-2026:20395-1","SUSE-SU-2026:20396-1","SUSE-SU-2026:20397-1","SUSE-SU-2026:20398-1","SUSE-SU-2026:20399-1","SUSE-SU-2026:20400-1","SUSE-SU-2026:20473-1","SUSE-SU-2026:20496-1","openSUSE-SU-2025:20172-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40204.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0b32ff285ff6f6f1ac1d9495787ccce8837d6405"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0e8b8c326c2a6de4d837b1bb034ea704f4690d77"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1cd60e0d0fb8f0e62ec4499138afce6342dc9d4c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8019b3699289fce3f10b63f98601db97b8d105b0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9c05d44ec24126fc283835b68f82dba3ae985209"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b93fa8dc521d00d2d44bf034fb90e0d79b036617"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd91c79e4f58fbe2898dac84858033700e0e99fb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ed3044b9c810c5c24eb2830053fbfe5fd134c5d4"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40204.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40204"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"b93fa8dc521d00d2d44bf034fb90e0d79b036617"},{"fixed":"0e8b8c326c2a6de4d837b1bb034ea704f4690d77"},{"fixed":"1cd60e0d0fb8f0e62ec4499138afce6342dc9d4c"},{"fixed":"9c05d44ec24126fc283835b68f82dba3ae985209"},{"fixed":"ed3044b9c810c5c24eb2830053fbfe5fd134c5d4"},{"fixed":"8019b3699289fce3f10b63f98601db97b8d105b0"},{"fixed":"0b32ff285ff6f6f1ac1d9495787ccce8837d6405"},{"fixed":"dd91c79e4f58fbe2898dac84858033700e0e99fb"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40204.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.12"},{"fixed":"5.4.301"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.246"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.195"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.157"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.113"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.54"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40204.json"}}],"schema_version":"1.7.5"}