Vulnerabilities

CVE-2025-21760

by Fred · 27/02/2025

In the Linux kernel, the following vulnerability has been resolved:

ndisc: extend RCU protection in ndisc_send_skb()

ndisc_send_skb() can be called without RTNL or RCU held.

Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu()
and avoid a potential UAF.

More information : https://git.kernel.org/stable/c/04e05112f10354ffc3bb6cc796d553bab161594c

Similar

Tags: Cybersecurity Alert