CVE-2025-21639

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> sctp: sysctl: rto_min/max: avoid using current-&gt;nsproxy<br /> <br /> As mentioned in a previous commit of this series, using the &amp;#39;net&amp;#39;<br /> structure via &amp;#39;current&amp;#39; is not recommended for different reasons:<br /> <br /> - Inconsistency: getting info from the reader&amp;#39;s/writer&amp;#39;s netns vs only<br /> from the opener&amp;#39;s netns.<br /> <br /> - current-&gt;nsproxy can be NULL in some cases, resulting in an &amp;#39;Oops&amp;#39;<br /> (null-ptr-deref), e.g. when the current task is exiting, as spotted by<br /> syzbot [1] using acct(2).<br /> <br /> The &amp;#39;net&amp;#39; structure can be obtained from the table-&gt;data using<br /> container_of().<br /> <br /> Note that table-&gt;data could also be used directly, as this is the only<br /> member needed from the &amp;#39;net&amp;#39; structure, but that would increase the size<br /> of this fix, to use &amp;#39;*data&amp;#39; everywhere &amp;#39;net-&gt;sctp.rto_min/max&amp;#39; is used.