CVE-2025-40133
- Source
- https://cve.org/CVERecord?id=CVE-2025-40133
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40133.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-40133
- Downstream
- Published
- 2025-11-12T10:23:22.498Z
- Modified
- 2025-12-05T10:22:27.038282Z
- Summary
- mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable().
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mptcp: Use _skdstget() and dstdevrcu() in mptcpactive_enable().
mptcpactiveenable() is called from subflowfinishconnect(), which is icsk->icskafops->skrxdst_set() and it's not always under RCU.
Using skdstget(sk)->dev could trigger UAF.
Let's use _skdstget() and dstdev_rcu().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40133.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/893c49a78d9f85e4b8081b908fb7c407d018106a
- https://git.kernel.org/stable/c/ad16235c9d3ef7ec17c109ff39b7504f49d17072
- https://git.kernel.org/stable/c/cc976ec9e38bb79409de3261ba1dbb6868e2a53e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40133.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-40133
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced27069e7cb3d1cea9377069266acf19b9cc5ad0aeFixedad16235c9d3ef7ec17c109ff39b7504f49d17072Fixedcc976ec9e38bb79409de3261ba1dbb6868e2a53eFixed893c49a78d9f85e4b8081b908fb7c407d018106a
Affected versions
v6.*
v6.11
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.5
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.1
v6.17.2