CVE-2025-40170
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: use dst_dev_rcu() in sk_setup_caps()
Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size().
Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_forward().
ip4_dst_hoplimit() can use dst_dev_net_rcu().
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 5d1be493d1110c9e720b4c51a6e587bb2fb4ac12 | affected |
| Linux | Linux | 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < a805729c0091073d8f0415cfa96c7acd1bc17a48 | affected |
| Linux | Linux | 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 99a2ace61b211b0be861b07fbaa062fca4b58879 | affected |
| Linux | Linux | 4.13 | affected |
| Linux | Linux | 0 < 4.13 | unaffected |
| Linux | Linux | 6.12.64 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.3 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5d1be493d1110c9e720b4c51a6e587bb2fb4ac12
- https://git.kernel.org/stable/c/a805729c0091073d8f0415cfa96c7acd1bc17a48
- https://git.kernel.org/stable/c/99a2ace61b211b0be861b07fbaa062fca4b58879
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.