CVE-2025-21636
Published: Jan 19, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acct(2). The 'net' structure can be obtained from the table->data using container_of(). Note that table->data could also be used directly, as this is the only member needed from the 'net' structure, but that would increase the size of this fix, to use '*data' everywhere 'net->sctp.probe_interval' is used.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 - < 1dc5da6c4178f3e4b95c631418f72de9f86c0449affected d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 - < 44ee8635922b6eb940faddb961a8347c6857d722affected d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 - < 284a221f8fa503628432c7bb5108277c688c6ffaaffected d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 - < bcf8c60074e81ed2ac2d35130917175a3949c917affected d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 - < 6259d2484d0ceff42245d1f09cc8cb6ee72d847a |
Linux | Linux | affected 5.14unaffected 0 - < 5.14unaffected 5.15.177 - <= 5.15.*unaffected 6.1.125 - <= 6.1.*unaffected 6.6.72 - <= 6.6.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now