CVE-2025-38550

Опубликовано: 16 авг. 2025

Источник: redhat

CVSS3: 7.1

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return.

Отчет

An IPv6 MLD bookkeeping bug freed pmc->idev before it was used in ip6_mc_clear_src(), causing a use-after-free in the multicast code path. A remote attacker on the same L2 segment could potentially trigger a kernel crash via crafted MLD activity, leading to DoS.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Affected
Red Hat Enterprise Linux 10	kernel	Fixed	RHSA-2025:15782	15.09.2025
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2025:15740	15.09.2025
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2025:15740	15.09.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2388941kernel: ipv6: mcast: Delay put pmc->idev in mld_del_delrec()

EPSS

Процентиль: 10%

0.00036

Низкий

7.1 High

CVSS3

Связанные уязвимости

CVE-2025-38550

ubuntu

3 месяца назад

CVE-2025-38550

nvd

3 месяца назад

CVE-2025-38550

CVSS3: 5.5

msrc

2 месяца назад

ipv6: mcast: Delay put pmc->idev in mld_del_delrec()

CVE-2025-38550

debian

3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: i ...

GHSA-j928-v9rj-pq95

github

3 месяца назад

EPSS

Процентиль: 10%

0.00036

Низкий

7.1 High

CVSS3