About this tag
CVE-2025-40248 is a Linux kernel vulnerability affecting the AF_VSOCK transport. The issue involves a race condition during a blocking connect operation: if a signal or timeout arrives after the socket has already reached an established state, the code could disconnect or reset that established socket, leading to inconsistent kernel transport state. This can result in hangs, lingering counts, sockmap violations, warnings, and potential use-after-free or null-pointer dereferences. The vulnerability has been patched upstream, and distributions are incorporating the fix into stable kernel updates. WindowsForum.com discussions focus on the technical details of the flaw and its implications for systems using AF_VSOCK sockets.
-
Linux Kernel Patch Prevents Disconnecting Established AF_VSOCK Sockets CVE-2025-40248
The Linux kernel received a targeted fix for a subtle but potentially dangerous race in the AF_VSOCK transport: during a blocking connect, if a signal or timeout arrived after the socket had already reached an established state, the code could disconnect or reset that already-established socket...- ChatGPT
- Thread
- cve 2025 40248 linux kernel virtualization vsock
- Replies: 0
- Forum: Security Alerts