CVE-2025-21758

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 96.0%
Published Feb 27, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: mcast: add RCU protection to mld_newpack()

mld_newpack() can be called without RTNL or RCU being held.

Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.

Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 96.0% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Affected Products 7

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥2.6.26 – <5.15.179
linux    linux_kernel   *         ≥5.16 – <6.1.129
linux    linux_kernel   *         ≥6.2 – <6.6.79
linux    linux_kernel   *         ≥6.7 – <6.12.16
linux    linux_kernel   *         ≥6.13 – <6.13.4
linux    linux_kernel   6.14      any
linux    linux_kernel   6.14      any

References 8

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-082556.html
  • git.kernel.org https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1
    Patch