CVE-2025-21677

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc5

Description The issue is related to the pfcp newlink() function in the Linux kernel, which incorrectly links a device to a list in dev net(dev) instead of net, where a UDP tunnel socket is created. This can cause the device to remain alive even after the network namespace is removed, leading to a potential denial of service. The vulnerability can be exploited by creating a device in one network namespace and a UDP socket in another, then removing the first network namespace.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider restricting the use of the pfcp newlink() function until a patch is available. Avoid using the pfcp newlink() function in scenarios where a UDP tunnel socket is created in a different network namespace than the device.