CVE-2025-21758

ipv6: mcast: add RCU protection to mld_newpack()

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because
ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk
socket under RCU protection.

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-03-24 CVE Updated
2025-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/b8ad0cbc58f703972e9e37c4e2a8081dd7e6a551	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3	2025-03-13
https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1	2025-02-21
https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2	2025-02-21
https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a	2025-02-21
https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9	2025-02-21
https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373	2025-02-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 5.15.179 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 5.15.179"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 6.6.79 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.6.79"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 6.12.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.12.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 6.13.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.13.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.26 < 6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.14"		en		Affected