PT-2025-4333 · Linux+4 · Linux Kernel+4

Syzkaller · Published 2025-01-07 · Updated 2026-01-23 · CVE-2025-21652

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.74

Description

A use-after-free vulnerability has been identified in the Linux kernel, specifically in the ipvlan module. This issue arises when the linkwatch work is triggered for the ipvlan device, potentially resulting in the lower device being freed before the ipvlan device, leading to a use-after-free error in ipvlan_get_iflink(). The vulnerability can be addressed by delaying the unregistration of the lower device, similar to how it is handled in the vlan and macvlan modules.

Recommendations

Update to Linux kernel version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling the linkwatch work for ipvlan devices until a patch is available.

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025:20095
ALT-PU-2025-12647
ALT-PU-2025-3467
ALT-PU-2025-3500
AZL-56324
BDU:2025-02803
CVE-2025-21652
MGASA-2025-0030
MGASA-2025-0032
OESA-2026-1228
OESA-2026-1229
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
RHSA-2025:20095
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0564-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu