5.5

CVE-2025-21640

sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved:

sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

As mentioned in a previous commit of this series, using the 'net'
structure via 'current' is not recommended for different reasons:

- Inconsistency: getting info from the reader's/writer's netns vs only
  from the opener's netns.

- current->nsproxy can be NULL in some cases, resulting in an 'Oops'
  (null-ptr-deref), e.g. when the current task is exiting, as spotted by
  syzbot [1] using acct(2).

The 'net' structure can be obtained from the table->data using
container_of().

Note that table->data could also be used directly, as this is the only
member needed from the 'net' structure, but that would increase the size
of this fix, to use '*data' everywhere 'net->sctp.sctp_hmac_alg' is
used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.8 < 6.1.125
LinuxLinux Kernel Version >= 6.2 < 6.6.72
LinuxLinux Kernel Version >= 6.7 < 6.12.10
LinuxLinux Kernel Version6.13 Updaterc1
LinuxLinux Kernel Version6.13 Updaterc2
LinuxLinux Kernel Version6.13 Updaterc3
LinuxLinux Kernel Version6.13 Updaterc4
LinuxLinux Kernel Version6.13 Updaterc5
LinuxLinux Kernel Version6.13 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.136
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/03ca51faba2b017bf6c90e139434c4117d0afcdc
Patch
https://git.kernel.org/stable/c/3cd0659deb9c03535fd61839e91d4d4d3e51ac71
Patch
https://git.kernel.org/stable/c/86ddf8118123cb58a0fb8724cad6979c4069065b
Patch
https://git.kernel.org/stable/c/ad673e514b2793b8d5902f6ba6ab7e890dea23d5
Patch
https://git.kernel.org/stable/c/ea62dd1383913b5999f3d16ae99d411f41b528d4
Patch
https://git.kernel.org/stable/c/f0bb3935470684306e4e04793a20ac4c4b08de0b
Patch
https://git.kernel.org/stable/c/5599b212d2f4466e1832a94e9932684aaa364587
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html