CVE-2025-40139
Severity:
Pending analysis
Type:
Not available / Other type
Publication date:
12/11/2025
Last modified:
12/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_set().

smc_clc_prfx_set() is called during connect() and not under RCU
nor RTNL.

Using sk_dst_get(sk)->dev could trigger UAF.

Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock()
after kernel_getsockname().

Note that the returned value of smc_clc_prfx_set() is not used
in the caller.

While at it, we change the 1st arg of smc_clc_prfx_set[46]_rcu()
not to touch dst there.



