Lucene search
K

29 matches found

OSV
OSV
added 2025/01/19 10:17 a.m.14 views

CVE-2025-21638 sctp: sysctl: auth_enable: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6AI score0.00229EPSS
Exploits0References13
OSV
OSV
added 2025/01/19 10:17 a.m.15 views

CVE-2025-21639 sctp: sysctl: rto_min/max: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6AI score0.00224EPSS
Exploits0References13
CVE
CVE
added 2025/01/19 10:17 a.m.185 views

CVE-2025-21639

The CVE-2025-21639 issue is in the Linux kernel SCTP sysctl handling (rto_min/rto_max) where current->nsproxy was used to read netns, risking a NULL pointer dereference and Oops when the task is exiting. The fix, as described in the initial document, replaces current->nsproxy usage with ret...

5.5CVSS6.9AI score0.00224EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2025/01/19 10:17 a.m.154 views

CVE-2025-21637

The provided Connected documents confirm CVE-2025-21637 concerns the Linux kernel SCTP sysctl handling of udp_port, where the code path uses current->nsproxy, risking incorrect netns context and potential null dereference. The issue is described as due to accessing net/ns data via the current ...

5.5CVSS6.9AI score0.00207EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/01/19 10:17 a.m.7 views

CVE-2025-21637 sctp: sysctl: udp_port: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udpport: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6AI score0.00207EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/01/19 10:17 a.m.2 views

CVE-2025-21636 sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...

7.5AI score0.00207EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/01/19 10:17 a.m.5 views

CVE-2025-21636

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...

5.5CVSS5.6AI score0.00207EPSS
Exploits0
OSV
OSV
added 2025/01/19 10:17 a.m.8 views

CVE-2025-21635 rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rdstcprcv,sndbuf: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6.1AI score0.00179EPSS
Exploits0References5
CVE
CVE
added 2025/01/19 10:17 a.m.149 views

CVE-2025-21635

CVE-2025-21635 — Linux kernel (RDS): The vulnerability arises from using current->nsproxy in rds_tcp_rcvbuf/rds_tcp_sndbuf sysctl handling, which can cause a NULL pointer dereference when the current task is exiting and the netns proxy is NULL. The fix switches to obtaining the per-netns conte...

5.5CVSS6.6AI score0.00179EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder