CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu()

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv4: use RCU protection in __ip_rt_update_pmtu()

__ip_rt_update_pmtu() must use RCU protection to make
sure the net structure it reads does not disappear.

Classification

CVE ID: CVE-2025-21766

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 9.05% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-03-27 (date on which this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-21766
https://git.kernel.org/stable/c/ea07480b23225942208f1b754fea1e7ec486d37e
https://git.kernel.org/stable/c/9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4
https://git.kernel.org/stable/c/4583748b65dee4d61bd50a2214715b4237bc152a
https://git.kernel.org/stable/c/a39f61d212d822b3062d7f70fa0588e50e55664e
https://git.kernel.org/stable/c/139512191bd06f1b496117c76372b2ce372c9a41

Timeline