Race Condition in MultiPath TCP Implementation of Linux Kernel
CVE-2025-40257

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 4 December 2025

What is CVE-2025-40257?

A vulnerability in the Linux kernel's MultiPath TCP (MPTCP) component allows a race condition during timer management. The function that handles timer deletion, 'mptcp_pm_del_add_timer', may interact incorrectly with other processes, potentially leading to a use-after-free. This could result in unpredictable behavior or crashes. The issue has been addressed by adding RCU protection and by renaming variables to make the code easier to read. Users are encouraged to update their systems to a kernel that includes the fix.

Affected Version(s)

Linux 00cfd77b9063dcdf3628a7087faba60de85a9cc8

Linux 00cfd77b9063dcdf3628a7087faba60de85a9cc8 < 6d3275d4ca62e2c02e1b7e8cd32db59df91c14b7
