Login Sign Up

CVE-2025-21636

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a null pointer dereference vulnerability in the Linux kernel's SCTP (Stream Control Transmission Protocol) implementation. When accessing the plpmtud_probe_interval sysctl parameter, the kernel incorrectly uses current->nsproxy which can be NULL during process exit, causing a kernel crash. This affects Linux systems with SCTP enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE; likely recent kernel versions before fixes were applied.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if SCTP protocol is enabled/configured. Many distributions disable SCTP by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠

Likely Case

Local denial of service through kernel crash when specific conditions trigger the null pointer dereference.

🟢

If Mitigated

Minimal impact if SCTP is disabled or systems are patched; isolated process crashes if properly contained.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific kernel operations; not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to trigger specific kernel operations during process exit. Discovered by syzbot fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel commits provided (1dc5da6c4178f3e4b95c631418f72de9f86c0449 and others)

Vendor Advisory: https://git.kernel.org/stable/c/1dc5da6c4178f3e4b95c631418f72de9f86c0449

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix. 2. Check with your distribution for specific patched kernel packages. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable SCTP protocol

linux

Remove SCTP kernel module to prevent exploitation of this vulnerability

modprobe -r sctp
echo 'blacklist sctp' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Restrict local user access to systems where SCTP is required
  • Implement monitoring for kernel crashes and investigate any occurrences

🔍 How to Verify

Check if Vulnerable:

Check if SCTP module is loaded: lsmod | grep sctp. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or is newer than patched versions. Check that SCTP functions normally after patch.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • System crash dumps
  • Null pointer dereference errors in kernel logs

Network Indicators:

  • Unusual SCTP traffic patterns if exploited

SIEM Query:

source="kernel" AND ("null pointer dereference" OR "kernel panic" OR "Oops") AND "sctp"

📊 Metadata

CVE ID: CVE-2025-21636
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-476
EPSS Score: 0.05% exploit probability (13.9th percentile)
Published: January 19, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-21636, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2019-20914 9.8

This vulnerability in GNU LibreDWG is a NULL pointer dereference that can cause application crashes ...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)