13 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-21639)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21639 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21639)
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639 affecting package kernel for versions less than 5.15.179.1-1
CVE-2025-21639 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...
CVE-2025-21639 affecting package kernel for versions less than 6.6.78.1-3
CVE-2025-21639 affecting package kernel for versions less than 6.6.78.1-3. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2025-21639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommend...
CVE-2025-21639
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639
creationtimestamp| type| source ---|---|--- 2025-01-19 10:57:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113854659043882523 2025-01-19 10:58:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2326 2025-01-19 11:15:42+00:00| seen|...
CVE-2025-21639 sctp: sysctl: rto_min/max: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639 sctp: sysctl: rto_min/max: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21639
The CVE-2025-21639 issue is in the Linux kernel SCTP sysctl handling (rto_min/rto_max) where current->nsproxy was used to read netns, risking a NULL pointer dereference and Oops when the task is exiting. The fix, as described in the initial document, replaces current->nsproxy usage with ret...
CVE-2025-21639
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...