Linux Kernel Vulnerability in Vsock Transport Mechanism
CVE-2025-21755
Summary
A vulnerability in the Linux kernel's vsock transport mechanism allows a NULL pointer dereference during socket release. The function sock_orphan() is invoked without properly managing the socket's state, which leaves sk->sk_wq set to NULL. If the SO_LINGER option is enabled, virtio_transport_wait_close() then dereferences that NULL pointer, which can cause system instability and vulnerabilities. The issue primarily affects sockets after transport release, so the order in which resources are released must be managed carefully to preserve system integrity.
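The ordering problem described in the summary, as a simplified user-space C model. This is an added example, not kernel code or the upstream patch: the model_* names and run_release() are hypothetical, and only sock_orphan(), sk_wq and SO_LINGER come from the summary.

```c
/* Simplified user-space model of the release ordering; not kernel code. */
#include <stdbool.h>
#include <stdio.h>

struct model_wq { int waiters; };
struct model_sock {
    struct model_wq *sk_wq; /* cleared when the socket is orphaned */
    bool linger;            /* SO_LINGER enabled */
    bool dead;
};

/* Models sock_orphan(): mark the socket dead and detach its wait queue. */
static void model_sock_orphan(struct model_sock *sk) {
    sk->dead = true;
    sk->sk_wq = NULL;
}

/* Models the lingering wait on close; returns -1 where the kernel would dereference NULL. */
static int model_wait_close(struct model_sock *sk) {
    if (sk->sk_wq == NULL)
        return -1;
    sk->sk_wq->waiters++; /* would sleep on the wait queue */
    sk->sk_wq->waiters--;
    return 0;
}

/* Models transport release: waits only when SO_LINGER is set. */
static int model_transport_release(struct model_sock *sk) {
    return sk->linger ? model_wait_close(sk) : 0;
}

/* Returns 0 if release completes, -1 where the kernel would hit NULL. */
int run_release(bool linger, bool orphan_first) {
    struct model_wq wq = { 0 };
    struct model_sock sk = { &wq, linger, false };
    if (orphan_first)                 /* ordering described in the summary */
        model_sock_orphan(&sk);
    int rc = model_transport_release(&sk);
    if (!orphan_first)                /* orphan only after the transport is done */
        model_sock_orphan(&sk);
    return rc;
}

int main(void) {
    printf("linger, orphan first: %d\n", run_release(true, true));
    printf("linger, orphan last:  %d\n", run_release(true, false));
    return 0;
}
```

In the model, only the combination of SO_LINGER and orphaning before transport release reaches the wait with sk_wq already NULL.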
Affected Version(s)
Linux 3f43540166128951cc1be7ab1ce6b7f05c670d8b
Linux 645ce25aa0e67895b11d89f27bb86c9d444c40f8 < 3a866f8376f0a5c848dcb59cd26df845fffbe6d8
Linux b1afd40321f1c243cffbcf40ea7ca41aca87fa5e < 94d81870eec7ad2dd7af80bffd314ded26caea1a