CVE-2025-40135
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/11/2025
Last modified:
25/03/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ipv6: use RCU in ip6_xmit()<br />
<br />
Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent<br />
possible UAF.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/9085e56501d93af9f2d7bd16f7fcfacdde47b99c
- https://git.kernel.org/stable/c/bd0905e2122e3680968cd0741966983490bf2ed3
- https://git.kernel.org/stable/c/f0a54d00d2f36de40266f47c27989853e8588656
- https://git.kernel.org/stable/c/f69fec6287565fdeb61f65e700a1184352306943
- https://git.kernel.org/stable/c/f7f9e924f23684b4b23cd9f976cceab24a968e34