Use-After-Free Vulnerability in Linux Kernel Networking
CVE-2025-21764

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2025-21764?

A vulnerability exists in the Linux kernel's networking component that impacts the ndisc_alloc_skb() function. This function can be invoked without holding the necessary Real-Time Networking Lock (RTNL) or Read-Copy Update (RCU) protections, potentially leading to a Use-After-Free condition. This flaw has been addressed by introducing RCU protection to ensure safe memory management, thereby enhancing overall system robustness against exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux de09334b9326632bbf1a74bfd8b01866cbbf2f61 < 96fc896d0e5b37c12808df797397fb16f3080879

Linux de09334b9326632bbf1a74bfd8b01866cbbf2f61

References

https://git.kernel.org/stable/c/96fc896d0e5b37c12808df797...

https://git.kernel.org/stable/c/c30893ef3d9cde8e7e8e4fd06...

https://git.kernel.org/stable/c/b870256dd2a5648d5ed2f2231...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024

JSON

Linux

What is CVE-2025-21764?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.