-
CVE-2025-40133
- EPSS 0.02%
- Veröffentlicht 12.11.2025 10:23:22
- Zuletzt bearbeitet 12.11.2025 16:19:12
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). mptcp_active_enable() is called from subflow_finish_connect(), which is icsk->icsk_af_ops->sk_rx_dst_set() and it's not always under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu().
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
ad16235c9d3ef7ec17c109ff39b7504f49d17072
Version
27069e7cb3d1cea9377069266acf19b9cc5ad0ae
Status
affected
Version <
cc976ec9e38bb79409de3261ba1dbb6868e2a53e
Version
27069e7cb3d1cea9377069266acf19b9cc5ad0ae
Status
affected
Version <
893c49a78d9f85e4b8081b908fb7c407d018106a
Version
27069e7cb3d1cea9377069266acf19b9cc5ad0ae
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.12
Status
affected
Version <
6.12
Version
0
Status
unaffected
Version <=
6.12.*
Version
6.12.55
Status
unaffected
Version <=
6.17.*
Version
6.17.3
Status
unaffected
Version <=
*
Version
6.18
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|