Linux Kernel dst_dev_rcu Use-After-Free Vulnerability in IPv4 Processing

Vulnerability

A use-after-free vulnerability has been addressed in the Linux kernel's IPv4 handling. The issue arose because certain IPv4 functions did not properly manage reference counts for network devices, which could lead to accessing freed memory. It was fixed by changing these functions to use a version of the destination device lookup that is safe for concurrent access, which prevents the use-after-free condition.

Impact

The vulnerability could lead to a use-after-free condition, allowing for potential memory corruption or exploitation.

Added: Oct 28, 2025, 12:28 PM
Updated: Oct 28, 2025, 12:28 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 5.3
remediation: 7.7
relevance: 0.8
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.