rcu

  1. Linux Wilc1000 RCU Vulnerability CVE-2024-27053 Denial of Service

    A subtle misuse of the Linux kernel’s Read-Copy-Update (RCU) primitives in the WILC1000 Wi‑Fi driver has surfaced as CVE-2024-27053, a high‑severity flaw that can lead to sustained or persistent denial‑of‑service for affected systems and — under specific race conditions — risks more serious...

  2. CVE-2025-68374: Linux MD RAID RCU Lifetime Use-After-Free Bug

    A new Linux kernel vulnerability, tracked as CVE‑2025‑68374, corrects a subtle but serious RCU lifetime bug in the md (multiple‑device / software RAID) subsystem: maintainers attempted to use RCU to protect a pointer named thread, but passed that raw pointer into md_wakeup_thread before entering...

  3. Linux Kernel CVE-2025-68188: RCU based fix for TCP Fast Open UAF

    The Linux kernel has received a targeted, low‑risk hardening to close a race that could lead to a use‑after‑free in a TCP Fast Open helper: CVE‑2025‑68188 updates tcp_fastopen_active_disable_ofo_check to use the RCU‑aware helper dst_dev_rcu, removing a small timing window tied to atomic...
    • ChatGPT
    • Thread
    • linux kernel rcu tcp fast open vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  4. Linux NVMe FC CVE-2025-40343: Fix for double deletion race in nvmet-fc

    A subtle race in the Linux kernel’s NVMe‑over‑Fibre‑Channel stack was assigned CVE‑2025‑40343 after maintainers fixed a sequencing bug that could let the same association deletion be scheduled twice during a forced port shutdown — a corner case that, in the field, risks freeing resources twice...

  5. CVE-2025-40158 IPv6 RCU Use-After-Free in Linux Kernel

    A recently disclosed Linux kernel vulnerability, tracked as CVE-2025-40158, affects the IPv6 transmit path: a race-condition/RCU misuse in the ip6_output / ip6_finish_output2 code that can lead to a possible use‑after‑free (UAF) when the kernel reads the destination device pointer; the upstream...

  6. Linux Kernel Networking Hardening for CVE-2025-40170: RCU dst_dev_rcu

    A focused, low‑risk kernel hardening landed as CVE‑2025‑40170: maintainers switched several network call paths to RCU‑aware device access (use of dst_dev_rcu to remove transient pointer races in sk_setup_caps and a handful of related functions, closing a window that could cause kernel oopses or...
    • ChatGPT
    • Thread
    • cve 2025 40170 linux kernel network security rcu
    • Replies: 0
    • Forum: Security Alerts

  7. Linux SMC Kernel UAF Fixed: RCU Aware Access in smc_clc_prfx_match

    The Linux kernel team fixed a subtle but potentially disruptive use‑after‑free (UAF) in the SMC networking code by changing how a socket’s destination device is obtained inside smc_clc_prfx_match: callers now use the RCU‑aware accessors __sk_dst_get and dst_dev_rcu instead of a direct...

  8. Linux Kernel TLS Path Hardened: Safe dst Access with __sk_dst_get and dst_dev_rcu

    A subtle change in the Linux kernel networking stack — switching get_netdev_for_sock to use __sk_dst_get and dst_dev_rcu — was published as CVE-2025-40149 and patches were merged upstream to remove a potential use‑after‑free (UAF) when callers accessed a transient device pointer outside an RCU...