CVE-2025-21791 in LinuxИнформация

Сводка

по MITRE • 27.02.2025

In the Linux kernel, the following vulnerability has been resolved:

vrf: use RCU protection in l3mdev_l3_out()

l3mdev_l3_out() can be called without RCU being held:

raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_out()

Add rcu_read_lock() / rcu_read_unlock() pair to avoid a potential UAF.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Ответственный

Linux

Резервировать

29.12.2024

Раскрытие

27.02.2025

Модерация

принято

Вход

VDB-297822

EPSS

0.00246

KEV

Нет

Деятельности

Очень низкий

Источники

Want to know what is going to be exploited?

We predict KEV entries!