VDB

DEBIAN-CVE-2025-40170

DEBIAN-CVE-2025-40170 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_forward(). ip4_dst_hoplimit() can use dst_dev_net_rcu().

Affected Products

VendorProductVersions
Debian:12linux6.7.12-1, 6.12.11-1+alpha.1, 6.12.12-1
Debian:14linux*, *, *
Debian:13linux6.12.63-1, 0, 6.12.38-1
Debian:11linux6.13.8-1, 6.13.9-1, 6.13

Timeline

  • Nov 12, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›