SCTP Vulnerability in Linux Kernel Affecting Google Cloud Services

CVE-2025-22062

Summary

A vulnerability in the Linux kernel related to SCTP (Stream Control Transmission Protocol) has been identified, which occurs due to missing mutual exclusion in the processing of UDP port functions. This issue can lead to potential crashes when improperly handling socket operations, as indicated by errors produced under various conditions, including null pointer dereferences. This vulnerability poses a risk to systems utilizing the Linux kernel, particularly impacting Google Cloud services. It is crucial for administrators to apply the latest patches to maintain system stability and security.

References