3.3

CVE-2025-71148

net/handshake: restore destructor on submit failure

In the Linux kernel, the following vulnerability has been resolved:

net/handshake: restore destructor on submit failure

handshake_req_submit() replaces sk->sk_destruct but never restores it when
submission fails before the request is hashed. handshake_sk_destruct() then
returns early and the original destructor never runs, leaking the socket.
Restore sk_destruct on the error path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.4 < 6.6.120
LinuxLinux Kernel Version >= 6.7 < 6.12.64
LinuxLinux Kernel Version >= 6.13 < 6.18.3
LinuxLinux Kernel Version6.19 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.016
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/cd8cf2be3717137554744233fda051ffc09d1d44
Patch
https://git.kernel.org/stable/c/7b82a1d6ae869533d8bdb0282a3a78faed8e63dd
Patch
https://git.kernel.org/stable/c/b225325be7b247c7268e65eea6090db1fc786d1f
Patch
https://git.kernel.org/stable/c/6af2a01d65f89e73c1cbb9267f8880d83a88cee4
Patch