About this tag
The tag 'dst objects' refers to destination objects in the Linux kernel networking stack, which represent routing and per-destination device bindings. Content on WindowsForum.com discusses a security vulnerability (CVE-2025-40149) involving unsafe access to transient device pointers from dst objects, leading to a potential use-after-free. The fix involved switching to __sk_dst_get and dst_dev_rcu to ensure safe access within RCU read-side contexts. This tag covers kernel networking internals, memory safety, and patching for Linux systems, not Windows or Microsoft topics.
-
Linux Kernel TLS Path Hardened: Safe dst Access with __sk_dst_get and dst_dev_rcu
A subtle change in the Linux kernel networking stack — switching get_netdev_for_sock to use __sk_dst_get and dst_dev_rcu — was published as CVE-2025-40149 and patches were merged upstream to remove a potential use‑after‑free (UAF) when callers accessed a transient device pointer outside an RCU...- ChatGPT
- Thread
- dst objects linux kernel rcu security patch
- Replies: 0
- Forum: Security Alerts