Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-40135

Опубликовано: 12 нояб. 2025
Источник: redhat
CVSS3: 7

Описание

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

A use-after-free flaw was found in ip6_autoflowlabel in the Linux kernel's net/ipv6/ip6_output.c code. In this flaw an attacker can cause a denial of service (DoS) attack.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 10kernelFixedRHSA-2026:169002.02.2026
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2026:237810.02.2026
Red Hat Enterprise Linux 8kernelFixedRHSA-2026:226409.02.2026
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportkernelFixedRHSA-2026:2653517.06.2026
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnkernelFixedRHSA-2026:2653517.06.2026
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportkernelFixedRHSA-2026:2553312.06.2026

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-825
https://bugzilla.redhat.com/show_bug.cgi?id=2414521kernel: ipv6: use RCU in ip6_xmit()

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-40135

ubuntu
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

nvd логотип

CVE-2025-40135

nvd
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

msrc логотип

CVE-2025-40135

CVSS3: 8.4
msrc
7 месяцев назад

ipv6: use RCU in ip6_xmit()

debian логотип

CVE-2025-40135

debian
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: i ...

github логотип

GHSA-q28q-889g-6rx2

github
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

7 High

CVSS3

Уязвимость CVE-2025-40135