Linux Kernel Vulnerability in IPv6 Multicast Processing
CVE-2025-21758

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Linux kernel's IPv6 multicast processing has been identified in the mld_newpack() function. This function can be invoked without proper protection mechanisms, potentially exposing systems to risks. The resolution involves applying RCU (Read-Copy-Update) protection and switching to the alloc_skb() function for memory allocation, ensuring safer socket handling during multicast operations. Without these protections, there could be unintended consequences in network communication and system stability.

Affected Version(s)

Linux b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551

Linux b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 < 1b91c597b0214b1b462eb627ec02658c944623f2

Linux b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 < 25195f9d5ffcc8079ad743a50c0409dbdc48d98a

References

https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f7...

https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627e...

https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024