CVE-2025-40149
Published: Nov 12, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected e8f69799810c32dd40c6724d829eccc70baad07f - < 2b1bef126bbb8d0da51491357559126d567c1dee; affected e8f69799810c32dd40c6724d829eccc70baad07f - < e37ca0092ddace60833790b4ad7a390408fb1be9; affected e8f69799810c32dd40c6724d829eccc70baad07f - < 13159c7125636371543a82cb7bbae00ab36730cc; affected e8f69799810c32dd40c6724d829eccc70baad07f - < f09cd209359a23f88d4f3fa3d2379d057027e53c; affected e8f69799810c32dd40c6724d829eccc70baad07f - < feb474ddbf26b51f462ae2e60a12013bdcfc5407; +1 more versions |
| Linux | Linux | affected 4.18; unaffected 0 - < 4.18; unaffected 5.15.199 - <= 5.15.*; unaffected 6.1.161 - <= 6.1.*; unaffected 6.6.121 - <= 6.6.*; +3 more versions |