CVE-2025-21959

CVE-2025-21959 affects the Linux kernel netfilter nf_conncount code. The issue arises from not initializing fields cpu and jiffies32 in struct nf_conncount_tuple during insertion (insert_tree()), after prior fixes added cpu/jiffies32 in nf_conncount_add() but count_tree() path remained uninitiali...

kernel: ipv4: Fix uninit-value access in __ip_make_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...