Linux Kernel RDS Subsystem Sysctl Vulnerability in TCP Buffer Management

Vulnerability

A vulnerability in the Linux kernel's RDS subsystem has been addressed, specifically related to the sysctl parameters rds_tcp_rcvbuf and rds_tcp_sndbuf. The issue arose from using the 'current' task's network namespace, which can lead to inconsistencies and potential null pointer dereferences, particularly when the current task is exiting. This vulnerability was identified by syzbot.

Impact

Exploitation of this vulnerability could lead to a null pointer dereference, causing a kernel crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDS Subsystem Sysctl Vulnerability in TCP Buffer Management

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating