CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()

🗓️ 12 Nov 2025 10:46:52Reported by LinuxType

CVE fixed: use destination device rcu for dst local access in setup caps and gso size, and in ig forward paths; hop limit for ipv4 may use destination device net rcu.

Reporter	Title	Published	Views	Family All 270
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	26 Mar 202619:47	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	27 Apr 202613:10	–	ibm
IBM Security Bulletins	Security Bulletin: Technical Support Appliance - potential denial of service conditions in underlying Linux kernel	26 Mar 202615:38	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1423)	5 Feb 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : kernel (ALSA-2026:1690)	5 Feb 202600:00	–	nessus
Tenable Nessus	AlmaLinux 9 : kernel (ALSA-2026:2212)	12 Feb 202600:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2026:2264)	10 Feb 202600:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel-rt (ALSA-2026:2378)	10 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)	10 Mar 202600:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/net/ip.h",
      "include/net/ip6_route.h",
      "include/net/route.h",
      "net/core/sock.c"
    ],
    "versions": [
      {
        "version": "4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36",
        "lessThan": "5d1be493d1110c9e720b4c51a6e587bb2fb4ac12",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36",
        "lessThan": "a805729c0091073d8f0415cfa96c7acd1bc17a48",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36",
        "lessThan": "99a2ace61b211b0be861b07fbaa062fca4b58879",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/net/ip.h",
      "include/net/ip6_route.h",
      "include/net/route.h",
      "net/core/sock.c"
    ],
    "versions": [
      {
        "version": "4.13",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.13",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.64",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17.3",
        "lessThanOrEqual": "6.17.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/5d1be493d1110c9e720b4c51a6e587bb2fb4ac12
git	www.git.kernel.org/stable/c/99a2ace61b211b0be861b07fbaa062fca4b58879
git	www.git.kernel.org/stable/c/a805729c0091073d8f0415cfa96c7acd1bc17a48

11 May 2026 21:44Current

EPSS0.0003