Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

INFO

Published Date :

2025-02-27T02:18:12.496Z

Last Modified :

2025-11-03T19:37:03.144Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21758 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21758.

URL Resource
https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2 cve-icon cve-icon
https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a cve-icon cve-icon
https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3 cve-icon cve-icon
https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373 cve-icon cve-icon
https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9 cve-icon cve-icon
https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21758-9f8c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21758 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21758 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact