Linux Kernel Use-After-Free Vulnerability in l3mdev_l3_out() Function

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel within the l3mdev_l3_out() function. This issue arises because the function can be called without proper RCU (Read-Copy-Update) protection, potentially leading to a use-after-free condition. The vulnerability is addressed by adding an RCU read lock and unlock pair to ensure safe access.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, which may be exploited to cause memory corruption or arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Use-After-Free Vulnerability in l3mdev_l3_out() Function

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating