CVE-2025-21763
neighbour: use RCU protection in __neigh_notify()
In the Linux kernel, the following vulnerability has been resolved:
neighbour: use RCU protection in __neigh_notify()
__neigh_notify() can be called without RTNL or RCU protection.
Use RCU protection to avoid potential UAF.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://cert-portal.siemens.com/productcert/html/ssa-265688.htmlhttps://git.kernel.org/stable/c/1cbb2aa90cd3fba15ad7efb5cdda28f3d1082379https://git.kernel.org/stable/c/40d8f2f2a373b6c294ffac394d2bb814b572ead1https://git.kernel.org/stable/c/559307d25235e24b5424778c7332451b6c741159https://git.kernel.org/stable/c/784eb2376270e086f7db136d154b8404edacf97bhttps://git.kernel.org/stable/c/8666e9aab801328c1408a19fbf4070609dc0695ahttps://git.kernel.org/stable/c/becbd5850c03ed33b232083dd66c6e38c0c0e569https://git.kernel.org/stable/c/cdd5c2a12ddad8a77ce1838ff9f29aa587de82dfhttps://git.kernel.org/stable/c/e1aed6be381bcd7f46d4ca9d7ef0f5f3d6a1be32https://lists.debian.org/debian-lts-announce/2025/03/msg00028.htmlhttps://lists.debian.org/debian-lts-announce/2025/05/msg00030.html