PT-2025-46643 · Linux+4 · Linux Kernel+4

Published

2025-11-12

·

Updated

2026-06-05

·

CVE-2025-40168

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a use-after-free issue within the smc clc prfx match() function. This function is called from smc listen work() without proper read-copy-update (RCU) or Real-Time Network Layer (RTNL) protection. The use of sk dst get(sk)->dev could lead to a use-after-free condition. The issue is addressed by utilizing sk dst get() and dst dev rcu() instead. The return value of smc clc prfx match() is not utilized by the calling function.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

ALSA-2026:2720
ALSA-2026:2821
ALSA-2026:3275
ALSA-2026:3488
AZL-70013
CVE-2025-40168
ECHO-AB9A-177B-A277
OESA-2026-2580
OPENSUSE-SU-2025:20172-1
RHSA-2026:2720
RHSA-2026:2821
RHSA-2026:3275
RHSA-2026:3488
RHSA-2026:4111
RHSA-2026:6954
RHSA-2026:9513
RHSA-2026:9514
RHSA-2026:9643
SUSE-SU-2025:4393-1
SUSE-SU-2025:4422-1
SUSE-SU-2025:4505-1
SUSE-SU-2025:4516-1
SUSE-SU-2025:4517-1
SUSE-SU-2025:4521-1
SUSE-SU-2026:0316-1
SUSE-SU-2026:20012-1
SUSE-SU-2026:20015-1
SUSE-SU-2026:20021-1
SUSE-SU-2026:20039-1
SUSE-SU-2026:20059-1
SUSE-SU-2026:20473-1
SUSE-SU-2026:20496-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1

Affected Products

Debian
Linuxmint
Linux Kernel
Rocky Linux
Ubuntu