Linux Kernel Networking Vulnerability Affecting Device Management
CVE-2025-40170

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40170?

This vulnerability in the Linux kernel relates to improper handling of device references within networking functions. Specifically, it addresses issues in how the kernel manages device access when setting up capabilities and calculating maximum sizes for Generic Segmentation Offload (GSO). The fix ensures that these accesses leverage Read-Copy-Update (RCU) for safer concurrent processing, ultimately improving the stability and security of network communication. Several functions, including ip6_dst_mtu_maybe_forward() and ip_dst_mtu_maybe_forward(), have been updated to ensure compatibility and performance resilience.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 5d1be493d1110c9e720b4c51a6e587bb2fb4ac12

Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36

Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 99a2ace61b211b0be861b07fbaa062fca4b58879

References

https://git.kernel.org/stable/c/5d1be493d1110c9e720b4c51a...
https://git.kernel.org/stable/c/a805729c0091073d8f0415cfa...
https://git.kernel.org/stable/c/99a2ace61b211b0be861b07fb...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.