CVE-2025-71148

Published: Jan 23, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() replaces sk->sk_destruct but never restores it when submission fails before the request is hashed. handshake_sk_destruct() then returns early and the original destructor never runs, leaking the socket. Restore sk_destruct on the error path.

Vendor	Product	Versions
Linux	Linux	affected `3b3009ea8abb713b022d94fba95ec270cf6e7eae - < cd8cf2be3717137554744233fda051ffc09d1d44` affected `3b3009ea8abb713b022d94fba95ec270cf6e7eae - < 7b82a1d6ae869533d8bdb0282a3a78faed8e63dd` affected `3b3009ea8abb713b022d94fba95ec270cf6e7eae - < b225325be7b247c7268e65eea6090db1fc786d1f` affected `3b3009ea8abb713b022d94fba95ec270cf6e7eae - < 6af2a01d65f89e73c1cbb9267f8880d83a88cee4`
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.6.120 - <= 6.6.` unaffected `6.12.64 - <= 6.12.` unaffected `6.18.3 - <= 6.18.*` +1 more versions

References

https://git.kernel.org/stable/c/cd8cf2be3717137554744233fda051ffc09d1d44

https://git.kernel.org/stable/c/7b82a1d6ae869533d8bdb0282a3a78faed8e63dd

https://git.kernel.org/stable/c/b225325be7b247c7268e65eea6090db1fc786d1f

https://git.kernel.org/stable/c/6af2a01d65f89e73c1cbb9267f8880d83a88cee4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-71148

Description

Affected Products

References