Linux Kernel Vulnerability in SMC Component by Linux Foundation
CVE-2025-40139
What is CVE-2025-40139?
A vulnerability exists in the SMC (Shared Memory Communications) component of the Linux kernel. The function smc_clc_prfx_set() is called during connection setup without holding either the RCU (Read-Copy-Update) read lock or RTNL (the rtnetlink lock), so dereferencing sk_dst_get(sk)->dev there could lead to a Use After Free (UAF) condition. The flaw has been addressed by making smc_clc_prfx_set() use __sk_dst_get() and dev_dst_rcu() under the RCU read lock, taken after kernel_getsockname(). Although the value returned by smc_clc_prfx_set() is not used by its caller, the fix removes the unsafe dereference inside the function itself.
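The lifetime rule behind this fix, as an added userspace model (not kernel code and not the actual patch): a device pointer fetched and used outside a read-side section can outlive the device, while the same fetch and use inside the section defers the free. All names are constructed, and the in-line teardown and the "freed" flag are simplifying assumptions standing in for concurrent device removal and the kernel's deferred free.

```c
#include <stdbool.h>
#include <stddef.h>

/* Constructed userspace model, not kernel code: "freed" stands in for kfree(). */
struct model_dev { int ifindex; bool freed; };
struct model_dst { struct model_dev *dev; };

static int readers;                    /* open read-side critical sections */
static struct model_dev *pending_free; /* device waiting for readers to leave */

static void grace_period(void)
{
	if (readers == 0 && pending_free) {
		pending_free->freed = true;
		pending_free = NULL;
	}
}

static void model_read_lock(void)   { readers++; }
static void model_read_unlock(void) { readers--; grace_period(); }

/* Teardown on another CPU, simulated in-line: detach dev, free once no reader is left. */
static void model_teardown(struct model_dst *dst)
{
	pending_free = dst->dev;
	dst->dev = NULL;
	grace_period();
}

/* Pre-fix shape: dev fetched and used with no read-side section held. */
static bool unlocked_use_sees_freed(struct model_dst *dst)
{
	struct model_dev *dev = dst->dev;
	model_teardown(dst);               /* teardown lands between fetch and use */
	return dev ? dev->freed : false;   /* true here is the use-after-free window */
}

/* Post-fix shape: fetch and use both sit inside the read-side section. */
static bool locked_use_sees_freed(struct model_dst *dst)
{
	bool stale;

	model_read_lock();
	struct model_dev *dev = dst->dev;
	model_teardown(dst);               /* free is deferred while a reader is active */
	stale = dev ? dev->freed : false;
	model_read_unlock();               /* device may be freed from here on */
	return stale;
}
```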
Affected Version(s)
Linux a046d57da19f812216f393e7c535f5858f793ac3 < 0736993bfe5c7a9c744ae3fac62d769dfdae54e1
Linux a046d57da19f812216f393e7c535f5858f793ac3 < 935d783e5de9b64587f3adb25641dd8385e64ddb
Linux 4.11