CVE-2025-21638
Published: Jan 19, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acct(2). The 'net' structure can be obtained from the table->data using container_of(). Note that table->data could also be used directly, but that would increase the size of this fix, while 'sctp.ctl_sock' still needs to be retrieved from 'net' structure.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected b14878ccb7fac0242db82720b784ab62c467c0dc - < cf387cdebfaebae228dfba162f94c567a67610c3affected b14878ccb7fac0242db82720b784ab62c467c0dc - < dc583e7e5f8515ca489c0df28e4362a70eade382affected b14878ccb7fac0242db82720b784ab62c467c0dc - < bd2a2939423566c654545fa3e96a656662a0af9eaffected b14878ccb7fac0242db82720b784ab62c467c0dc - < 1b67030d39f2b00f94ac1f0af11ba6657589e4d3affected b14878ccb7fac0242db82720b784ab62c467c0dc - < 7ec30c54f339c640aa7e49d7e9f7bbed6bd42bf6+8 more versions |
Linux | Linux | affected 3.15unaffected 0 - < 3.15unaffected 5.4.292 - <= 5.4.*unaffected 5.10.234 - <= 5.10.*unaffected 5.15.177 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now