CVE-2025-68188

Summary

In the Linux kernel, the following vulnerability has been resolved:

tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()

Use RCU to avoid a pair of atomic operations and a potential UAF on dst_dev()->flags.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcf1ef3f0719b4dcb74810ed507e2a2540f9811b4 < bc2b881a0896c111c1041d8bb1f92a3b3873ace5affected
LinuxLinuxcf1ef3f0719b4dcb74810ed507e2a2540f9811b4 < 06da08d9355bf8e2070459bbedbe372ccc02cc0eaffected
LinuxLinuxcf1ef3f0719b4dcb74810ed507e2a2540f9811b4 < b62a59c18b692f892dcb8109c1c2e653b2abc95caffected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References