CVE-2025-40074
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ipv4: start using dst_dev_rcu()
Change icmpv4_xrlim_allow(), ip_defrag() to prevent possible UAF.
Change ipmr_prepare_xmit(), ipmr_queue_fwd_xmit(), ip_mr_output(), ipv4_neigh_lookup() to use lockdep enabled dst_dev_rcu().
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 923e0734c386984d45de508528a7a7ad91d791cc | affected |
| Linux | Linux | 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 6ad8de3cefdb6ffa6708b21c567df0dbf82c43a8 | affected |
| Linux | Linux | 4.13 | affected |
| Linux | Linux | 0 < 4.13 | unaffected |
| Linux | Linux | 6.17.3 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/923e0734c386984d45de508528a7a7ad91d791cc
- https://git.kernel.org/stable/c/6ad8de3cefdb6ffa6708b21c567df0dbf82c43a8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.