DEBIAN-CVE-2025-40168

DEBIAN-CVE-2025-40168 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_match() is called from smc_listen_work() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the returned value of smc_clc_prfx_match() is not used in the caller.

Affected Products

Vendor	Product	Versions
Debian:12	linux	6.18.12-1, 6.18.13-1, 6.18.14-1
Debian:14	linux	6.12.41-1, 6.12.43-1, 6.12.57-1~bpo12+1
Debian:13	linux	6.19.8-1, 6.12.41-1, 6.12.43-1
Debian:11	linux	0, 5.10.103-1, 5.10.106-1

Timeline

Nov 12, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-40168 advisory

Open in Interactive Console →