Linux Kernel TCP SYN-ACK Process Context Vulnerability

Vulnerability

A vulnerability in the Linux kernel's TCP implementation allows the tcp_rtx_synack() function to be called from process context. This change can lead to the tcp_make_synack() function being invoked in a way that disrupts per-CPU variables while preemption is enabled, causing a kernel BUG. The issue arises because __TCP_INC_STATS() is called in a preemptible context, which is unsafe.

Impact

The vulnerability can lead to a kernel BUG due to improper handling of per-CPU variables in a preemptible context, potentially causing system instability or crashes.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel TCP SYN-ACK Process Context Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating