PT-2025-49381 · Linux+3 · Linux Kernel+3

Published

2025-06-12

·

Updated

2026-05-26

·

CVE-2025-40280

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a use-after-free flaw within the TIPC (Transparent Inter-Process Communication) networking module, specifically in the tipc mon reinit self() function. This issue was identified through syzkaller testing, which reported a use-after-free condition involving the tipc net(net)->monitors[] array. The array is protected by RTNL (Real-Time Network Layer), but the function iterates over it without acquiring the RTNL lock. The vulnerability occurs when tipc mon reinit self() is called from tipc net finalize(), which is generally under RTNL protection except during tipc net finalize work(). The root cause is a lack of RTNL protection during iteration over the monitors array.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-05118
CVE-2025-40280
DLA-4404-1
ECHO-3911-0C8C-D907
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-1341
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0350-1
SUSE-SU-2026:0369-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu