CVE-2025-21641

Published: Jan 19, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: blackhole timeout: avoid using current->nsproxy As mentioned in the previous commit, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acct(2). The 'pernet' structure can be obtained from the table->data using container_of().

Vendor	Product	Versions
Linux	Linux	affected `27069e7cb3d1cea9377069266acf19b9cc5ad0ae - < 4c74fbdc5ab95b13945be01e6065940b68222db7` affected `27069e7cb3d1cea9377069266acf19b9cc5ad0ae - < 92cf7a51bdae24a32c592adcdd59a773ae149289`
Linux	Linux	affected `6.12` unaffected `0 - < 6.12` unaffected `6.12.10 - <= 6.12.` unaffected `6.13 - <= `

References

https://git.kernel.org/stable/c/4c74fbdc5ab95b13945be01e6065940b68222db7

https://git.kernel.org/stable/c/92cf7a51bdae24a32c592adcdd59a773ae149289

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21641

Description

Affected Products

References