CVE-2025-21635

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-&gt;nsproxy<br /> <br /> As mentioned in a previous commit of this series, using the &amp;#39;net&amp;#39;<br /> structure via &amp;#39;current&amp;#39; is not recommended for different reasons:<br /> <br /> - Inconsistency: getting info from the reader&amp;#39;s/writer&amp;#39;s netns vs only<br /> from the opener&amp;#39;s netns.<br /> <br /> - current-&gt;nsproxy can be NULL in some cases, resulting in an &amp;#39;Oops&amp;#39;<br /> (null-ptr-deref), e.g. when the current task is exiting, as spotted by<br /> syzbot [1] using acct(2).<br /> <br /> The per-netns structure can be obtained from the table-&gt;data using<br /> container_of(), then the &amp;#39;net&amp;#39; one can be retrieved from the listen<br /> socket (if available).