CVE-2025-40018

NONE EPSS 9.1%
Published Oct 24, 20258mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Oct 24, 2025 8mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

Threat Intelligence

EPSS Exploit Probability
9.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/134121bfd99a06d44ef5ba15a9beb075297c0821
  • git.kernel.org https://git.kernel.org/stable/c/1d79471414d7b9424d699afff2aa79fff322f52d
  • git.kernel.org https://git.kernel.org/stable/c/421b1ae1574dfdda68b835c15ac4921ec0030182
  • git.kernel.org https://git.kernel.org/stable/c/53717f8a4347b78eac6488072ad8e5adbaff38d9
  • git.kernel.org https://git.kernel.org/stable/c/8a6ecab3847c213ce2855b0378e63ce839085de3
  • git.kernel.org https://git.kernel.org/stable/c/8cbe2a21d85727b66d7c591fd5d83df0d8c4f757
  • git.kernel.org https://git.kernel.org/stable/c/a343811ef138a265407167294275201621e9ebb2
  • git.kernel.org https://git.kernel.org/stable/c/dc1a481359a72ee7e548f1f5da671282a7c13b8f

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.