cve 2025 40240

The Linux kernel has been updated to fix CVE-2025-40240, a small but important defensive bug in the SCTP receive path that could trigger a kernel NULL-pointer dereference when a chunk’s data buffer is missing; the upstream patch reorders checks and uses the chunk header instead of dereferencing...