cve 2025 40139

CVE-2025-40139 is a vulnerability in the Linux kernel's SMC (Shared Memory Communications) networking code, specifically a use-after-free issue in the smc_clc_prfx_set function. The flaw occurs due to a race condition where a device pointer can be freed while still being accessed outside RCU or RTNL contexts. The fix involves using __sk_dst_get and dst_dev_rcu under an RCU read-lock to safely access the destination cache. This tag covers discussions about the vulnerability, its background, and the kernel patch that resolves it. While the tag is relevant to Linux kernel security, it may also be of interest to Windows users running virtualized or cross-platform environments that rely on SMC.