PT-2025-8903 · Linux+10 · Linux Kernel+10

Eric Dumazet

·

Published

2025-02-07

·

Updated

2026-04-20

·

CVE-2025-21791

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue is related to the function l3mdev l3 out(), which can be called without RCU protection. This can lead to a potential use-after-free (UAF) issue. The vulnerability is exploited through a sequence of function calls, including raw sendmsg(), ip push pending frames(), ip send skb(), ip local out(), and ip local out(), ultimately calling l3mdev ip out(). To address this, an rcu read lock() / rcu read unlock() pair has been added.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:20095
ALSA-2025:20518
ALT-PU-2025-12647
AZL-58476
AZL-58566
BDU:2025-04367
CVE-2025-21791
DLA-4102-1
DLA-4178-1
INFSA-2025_20518
OESA-2025-1317
OESA-2025-1371
OESA-2025-1372
OESA-2025-1409
OESA-2025-1410
OPENSUSE-SU-2025_01620-1
OPENSUSE-SU-2025_01627-1
OPENSUSE-SU-2025_01633-1
OPENSUSE-SU-2025_01640-1
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
RHSA-2025:20095
RHSA-2025:20518
RHSA-2025_20518
RHSA-2026:2352
SUSE-SU-2025:01620-1
SUSE-SU-2025:01627-1
SUSE-SU-2025:01633-1
SUSE-SU-2025:01640-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:03465-1
SUSE-SU-2025:03468-1
SUSE-SU-2025:03469-1
SUSE-SU-2025:03472-1
SUSE-SU-2025:03475-1
SUSE-SU-2025:03476-1
SUSE-SU-2025:03482-1
SUSE-SU-2025:03494-1
SUSE-SU-2025:03496-1
SUSE-SU-2025:03503-1
SUSE-SU-2025:03504-1
SUSE-SU-2025:03514-1
SUSE-SU-2025:03528-1
SUSE-SU-2025:03529-1
SUSE-SU-2025:03538-1
SUSE-SU-2025:03539-1
SUSE-SU-2025:03541-1
SUSE-SU-2025:03543-1
SUSE-SU-2025:03548-1
SUSE-SU-2025:03553-1
SUSE-SU-2025:03554-1
SUSE-SU-2025:03555-1
SUSE-SU-2025:03557-1
SUSE-SU-2025:03559-1
SUSE-SU-2025:03563-1
SUSE-SU-2025:03566-1
SUSE-SU-2025:03569-1
SUSE-SU-2025:03571-1
SUSE-SU-2025:03577-1
SUSE-SU-2025:03578-1
SUSE-SU-2025:03580-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:1573-1
SUSE-SU-2025:1574-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20806-1
SUSE-SU-2025:20807-1
SUSE-SU-2025:20808-1
SUSE-SU-2025:20813-1
SUSE-SU-2025:20814-1
SUSE-SU-2025:20819-1
SUSE-SU-2025:20826-1
SUSE-SU-2025:20827-1
SUSE-SU-2025:20832-1
SUSE-SU-2025:20833-1
SUSE-SU-2025:20834-1
SUSE-SU-2025:20835-1
SUSE-SU-2025:20840-1
SUSE-SU-2025:20841-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_01620-1
SUSE-SU-2025_01627-1
SUSE-SU-2025_01633-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
SUSE-SU-2025_1293-1
USN-7510-1
USN-7510-2
USN-7510-3
USN-7510-4
USN-7510-5
USN-7510-6
USN-7510-7
USN-7510-8
USN-7511-1
USN-7511-2
USN-7511-3
USN-7512-1
USN-7516-1
USN-7516-2
USN-7516-3
USN-7516-4
USN-7516-5
USN-7516-6
USN-7516-7
USN-7516-8
USN-7516-9
USN-7517-1
USN-7517-2
USN-7517-3
USN-7518-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7539-1
USN-7540-1
USN-7593-1
USN-7602-1
USN-7640-1
USN-7703-1
USN-7703-2
USN-7703-3
USN-7703-4
USN-7719-1
USN-7737-1
USN-7907-1
USN-7907-2
USN-7907-3
USN-7907-4
USN-7907-5
USN-7937-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu