CVE-2025-21759

Published: Feb 27, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

Vendor	Product	Versions
Linux	Linux	affected `b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 - < 81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a` affected `b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 - < 0bf8e2f3768629d437a32cb824149e6e98254381` affected `b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 - < 8e92d6a413feaf968a33f0b439ecf27404407458` affected `b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551 - < 087c1faa594fa07a66933d750c0b2610aa1a2946`
Linux	Linux	affected `2.6.26` unaffected `0 - < 2.6.26` unaffected `6.6.79 - <= 6.6.` unaffected `6.12.16 - <= 6.12.` unaffected `6.13.4 - <= 6.13.*` +1 more versions

References

https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a

https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381

https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458

https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21759

Description

Affected Products

References