PT-2025-8872 · Linux+7 · Linux Kernel+7

Eric Dumazet

·

Publicado

2025-02-07

·

Atualizado

2026-04-20

·

CVE-2025-21760

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue is related to the ndisc send skb() function, which can be called without RTNL or RCU held, potentially leading to a use-after-free (UAF) condition. To address this, RCU protection has been extended in ndisc send skb() by acquiring rcu read lock() earlier, allowing the use of dev net rcu().
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2025-12647
ALT-PU-2025-5012
ALT-PU-2025-5359
ALT-PU-2025-5361
ALT-PU-2025-5437
AZL-58962
AZL-59085
BDU:2025-04371
CVE-2025-21760
DLA-4102-1
DLA-4178-1
OESA-2025-1446
OESA-2025-1450
OESA-2025-1462
OESA-2025-1465
OESA-2025-1466
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
SUSE-SU-2025_1293-1
SUSE-SU-2026:0474-1
SUSE-SU-2026:0475-1
SUSE-SU-2026:0495-1
SUSE-SU-2026:0496-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:1131-1
USN-7510-1
USN-7510-2
USN-7510-3
USN-7510-4
USN-7510-5
USN-7510-6
USN-7510-7
USN-7510-8
USN-7511-1
USN-7511-2
USN-7511-3
USN-7512-1
USN-7516-1
USN-7516-2
USN-7516-3
USN-7516-4
USN-7516-5
USN-7516-6
USN-7516-7
USN-7516-8
USN-7516-9
USN-7517-1
USN-7517-2
USN-7517-3
USN-7518-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7539-1
USN-7540-1
USN-7593-1
USN-7602-1
USN-7640-1
USN-7703-1
USN-7703-2
USN-7703-3
USN-7703-4
USN-7719-1
USN-7737-1

Produtos afetados

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu