Network Vulnerability in Linux Kernel Affecting Packet Management
CVE-2025-21766

Currently unrated

Key Information:

Vendor
Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

Summary

A vulnerability in the Linux kernel's handling of IPv4 routing can lead to issues if the __ip_rt_update_pmtu() function does not utilize RCU (Read-Copy-Update) protection. This function is critical for maintaining the integrity of network structures during updates to packet management. Without proper RCU coordination, there's a risk that the network structures being read could become invalid, potentially leading to instability or system crashes in network operations.

Affected Version(s)

Linux 2fbc6e89b2f1403189e624cabaf73e189c5e50c6

Linux 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 < 9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4

Linux 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 < 4583748b65dee4d61bd50a2214715b4237bc152a

References

https://git.kernel.org/stable/c/ea07480b23225942208f1b754...
https://git.kernel.org/stable/c/9b1766d1ff5fe496aabe9fc5f...
https://git.kernel.org/stable/c/4583748b65dee4d61bd50a221...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.