Linux Kernel Use-After-Free Vulnerability in SMC CLC Prefix Handling

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's handling of SMC CLC prefixes. This issue arises in the 'smc_clc_prfx_set' function, which is called during the connection process without proper synchronization, potentially leading to the use of a freed memory reference. The vulnerability has been addressed by modifying the function to use '__sk_dst_get()' and 'dst_dev_rcu()' under a read-side RCU lock, ensuring safe access to network device information. The change prevents the use-after-free condition by correctly managing the lifecycle of the referenced data.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, allowing for memory corruption and potentially arbitrary code execution.

Remediation

Users can upgrade to the patched version of the Linux kernel available in the Linux Kernel Stable Tree.
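A host-side check to go with the upgrade advice, added here as an example and not taken from the advisory or the kernel tree: it reports whether the SMC code containing 'smc_clc_prfx_set' is built in, loaded, loadable or absent on a host. It assumes the kernel config is installed at /boot/config-<release>, and it says nothing about whether the running kernel already carries the fix, since the advisory names no version.

```shell
#!/bin/sh
# Added example: classify SMC presence from kernel config and module list.
# Inputs are passed as text so the logic can be exercised offline.

# Print y, m or n for CONFIG_SMC in kernel config text; "unknown" if empty.
smc_config_state() {
    [ -n "$1" ] || { echo unknown; return; }
    printf '%s\n' "$1" | awk -F= '
        $1 == "CONFIG_SMC" { v = $2 }
        END { print ((v == "y" || v == "m") ? v : "n") }'
}

# Return 0 if a module named exactly "smc" is listed in /proc/modules text.
smc_module_loaded() {
    printf '%s\n' "$1" | awk '$1 == "smc" { found = 1 } END { exit !found }'
}

# $1 = config text, $2 = module list text.
# Prints one of: loaded | builtin | loadable | absent | unknown
smc_exposure() {
    if smc_module_loaded "$2"; then echo loaded; return; fi
    case "$(smc_config_state "$1")" in
        y) echo builtin ;;    # compiled into the kernel image
        m) echo loadable ;;   # built as a module, not loaded right now
        n) echo absent ;;     # SMC not built for this kernel
        *) echo unknown ;;    # no config available to decide
    esac
}

# Live run. Assumption: the distro installs /boot/config-<release>.
smc_exposure_live() {
    cfg=$(cat "/boot/config-$(uname -r)" 2>/dev/null || true)
    mods=$(cat /proc/modules 2>/dev/null || true)
    smc_exposure "$cfg" "$mods"
}

case "${1:-}" in
    --live) echo "SMC on $(uname -r): $(smc_exposure_live)" ;;
    --demo) # constructed sample input, not taken from a real host
        demo_cfg='CONFIG_SMC=m
CONFIG_SMC_DIAG=m'
        demo_mods='smc 200704 0 - Live 0x0000000000000000'
        echo "demo: $(smc_exposure "$demo_cfg" "$demo_mods")" ;;
esac
```

Run it with --live on the host being triaged; hosts reporting builtin, loaded or loadable are the ones to prioritise for the kernel upgrade.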

Added: Nov 12, 2025, 11:53 AM
Updated: Nov 12, 2025, 5:26 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 0.9
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.