Linux Kernel up to 6.17.2 tcp_metrics dst_dev_net_rcu privilege escalation

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Linux Kernel up to 6.17.2. It has been declared as critical. Impacted is the function dst_dev_net_rcu of the component tcp_metrics. Executing a manipulation can lead to an unknown weakness.
This vulnerability is registered as CVE-2025-40075. No exploit is available.
It is recommended to upgrade the affected component.
Details
A vulnerability was found in Linux Kernel up to 6.17.2. It has been declared as critical. This vulnerability affects the function dst_dev_net_rcu of the component tcp_metrics. The impact remains unknown. CVE summarizes:
In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: use dst_dev_net_rcu() Replace three dst_dev() with a lockdep enabled helper.
The advisory is shared for download at git.kernel.org. This vulnerability was named CVE-2025-40075 since 04/16/2025. There are known technical details, but no exploit is available.
The vulnerability scanner Nessus provides a plugin with the ID 271888 (Linux Distros Unpatched Vulnerability : CVE-2025-40075), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 6.17.3 or 6.18-rc1 eliminates this vulnerability. Applying the patch 07613a95326ebad2d1b88d883cd72546025a4f3e/50c127a69cd6285300931853b352a1918cfa180f is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
The vulnerability is also documented in the databases at Tenable (271888) and CERT Bund (WID-SEC-2025-2431). VulDB is the best source for vulnerability data and more expert information about this specific topic.
Affected
- Google Container-Optimized OS
- Debian Linux
- Amazon Linux 2
- Red Hat Enterprise Linux
- Ubuntu Linux
- SUSE Linux
- Oracle Linux
- SUSE openSUSE
- Open Source Linux Kernel
- RESF Rocky Linux
- Microsoft Azure
- Dell NetWorker
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔒VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔒
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploiting
Class: Privilege escalationCWE: Unknown
CAPEC: 🔒
ATT&CK: 🔒
Physical: No
Local: No
Remote: Partially
Availability: 🔒
Status: Not defined
EPSS Score: 🔒
EPSS Percentile: 🔒
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 271888
Nessus Name: Linux Distros Unpatched Vulnerability : CVE-2025-40075
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔒
Upgrade: Kernel 6.17.3/6.18-rc1
Patch: 07613a95326ebad2d1b88d883cd72546025a4f3e/50c127a69cd6285300931853b352a1918cfa180f
Timeline
04/16/2025 CVE reserved10/28/2025 Advisory disclosed
10/28/2025 VulDB entry created
02/15/2026 VulDB entry last update
Sources
Vendor: kernel.orgAdvisory: git.kernel.org
Status: Confirmed
CVE: CVE-2025-40075 (🔒)
GCVE (CVE): GCVE-0-2025-40075
GCVE (VulDB): GCVE-100-330280
CERT Bund: WID-SEC-2025-2431 - Linux Kernel: Mehrere Schwachstellen
Entry
Created: 10/28/2025 15:54Updated: 02/15/2026 21:49
Changes: 10/28/2025 15:54 (58), 10/29/2025 11:55 (2), 10/30/2025 07:49 (7), 11/24/2025 23:11 (1), 12/22/2025 02:00 (1), 02/08/2026 18:58 (1), 02/15/2026 21:49 (1)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.