PT-2025-8868 · Linux+11 · Linux Kernel+11

Michal Luczaj

·

Published

2025-01-28

·

Updated

2026-01-30

·

CVE-2025-21756

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free issue has been identified in the Linux kernel, specifically in the vsock subsystem. This issue arises when a socket is unbound during a transport reassignment, leading to a potential use-after-free scenario. The problem occurs due to the incorrect handling of socket bindings, both explicit and implicit, during the connect() and bind() operations. Technical details include the involvement of functions such as vsock create(), vsock insert unbound(), vsock remove bound(), and vsock bind(). The issue can lead to a slab-use-after-free error, as reported by KASAN.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

LPE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:7903
ALSA-2025:8056
ALSA-2025:8057
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
ALT-PU-2025-5012
ALT-PU-2025-5359
ALT-PU-2025-5437
ASB-A-396331793
AZL-58995
AZL-59037
BDU:2025-04373
CESA-2025_8056
CESA-2025_8057
CESA-2025_8345
CVE-2025-21756
DLA-4178-1
DLA-4193-1
DSA-5900-1
ECHO-B26D-1495-3E15
INFSA-2025_7903
INFSA-2025_8056
INFSA-2025_8057
OESA-2025-1283
OESA-2025-1284
OESA-2025-1371
OESA-2025-1372
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
RHSA-2025:7652
RHSA-2025:7676
RHSA-2025:7682
RHSA-2025:7683
RHSA-2025:7896
RHSA-2025:7897
RHSA-2025:7901
RHSA-2025:7902
RHSA-2025:7903
RHSA-2025:8056
RHSA-2025:8057
RHSA-2025:8058
RHSA-2025:8137
RHSA-2025:8248
RHSA-2025:8342
RHSA-2025:8343
RHSA-2025:8344
RHSA-2025:8345
RHSA-2025:8346
RHSA-2025:8347
RHSA-2025:8348
RHSA-2025_7903
RHSA-2025_8056
RHSA-2025_8057
SUSE-SU-2025:01919-1
SUSE-SU-2025:02264-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:03315-1
SUSE-SU-2025:03317-1
SUSE-SU-2025:03341-1
SUSE-SU-2025:03343-1
SUSE-SU-2025:03370-1
SUSE-SU-2025:03374-1
SUSE-SU-2025:03375-1
SUSE-SU-2025:03381-1
SUSE-SU-2025:03387-1
SUSE-SU-2025:03391-1
SUSE-SU-2025:03393-1
SUSE-SU-2025:03395-1
SUSE-SU-2025:03397-1
SUSE-SU-2025:03400-1
SUSE-SU-2025:03406-1
SUSE-SU-2025:03408-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20722-1
SUSE-SU-2025:20723-1
SUSE-SU-2025:20724-1
SUSE-SU-2025:20725-1
SUSE-SU-2025:20726-1
SUSE-SU-2025:20727-1
SUSE-SU-2025:20737-1
SUSE-SU-2025:20738-1
SUSE-SU-2025:20768-1
SUSE-SU-2025:20769-1
SUSE-SU-2025:20770-1
SUSE-SU-2025:20784-1
SUSE-SU-2025:20785-1
SUSE-SU-2025:20786-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02537-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
USN-7445-1
USN-7448-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7455-1
USN-7455-2
USN-7455-3
USN-7455-4
USN-7455-5
USN-7459-1
USN-7459-2
USN-7460-1
USN-7468-1
USN-7475-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu