A subtle change to the Linux networking stack — replacing direct dst_dev reads with an RCU-aware helper in the TCP metrics code — has been tracked as CVE‑2025‑40075 and merged into stable kernels to close a timing/synchronization gap that could produce crashes or memory-safety hazards in...
