cve/published/2025/CVE-2025-21766.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu()

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 ipv4: use RCU protection in __ip_rt_update_pmtu()

 __ip_rt_update_pmtu() must use RCU protection to make
 sure the net structure it reads does not disappear.

 The Linux kernel CVE team has assigned CVE-2025-21766 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 5.15.179 with commit ce3c6165fce0f06305c806696882a3ad4b90e33f
 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.1.129 with commit ea07480b23225942208f1b754fea1e7ec486d37e
 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.6.79 with commit 9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4
 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.12.16 with commit 4583748b65dee4d61bd50a2214715b4237bc152a
 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.13.4 with commit a39f61d212d822b3062d7f70fa0588e50e55664e
 	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.14 with commit 139512191bd06f1b496117c76372b2ce372c9a41
 	Issue introduced in 4.14.200 with commit f415c264176e6095e9dee823e09c5bdd0ee0d337
 	Issue introduced in 4.19.148 with commit 98776a365da509ad923083ae54b38ee521c52742
 	Issue introduced in 5.4.68 with commit 860e2cc78c697c95bc749abb20047239fa1722ea
 	Issue introduced in 5.8.12 with commit 2b1be6c925cdf4638811765a9160796291494b89

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2025-21766
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	net/ipv4/route.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/ce3c6165fce0f06305c806696882a3ad4b90e33f
 	https://git.kernel.org/stable/c/ea07480b23225942208f1b754fea1e7ec486d37e
 	https://git.kernel.org/stable/c/9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4
 	https://git.kernel.org/stable/c/4583748b65dee4d61bd50a2214715b4237bc152a
 	https://git.kernel.org/stable/c/a39f61d212d822b3062d7f70fa0588e50e55664e
 	https://git.kernel.org/stable/c/139512191bd06f1b496117c76372b2ce372c9a41
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu()

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	ipv4: use RCU protection in __ip_rt_update_pmtu()

	__ip_rt_update_pmtu() must use RCU protection to make
	sure the net structure it reads does not disappear.

	The Linux kernel CVE team has assigned CVE-2025-21766 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 5.15.179 with commit ce3c6165fce0f06305c806696882a3ad4b90e33f
	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.1.129 with commit ea07480b23225942208f1b754fea1e7ec486d37e
	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.6.79 with commit 9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4
	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.12.16 with commit 4583748b65dee4d61bd50a2214715b4237bc152a
	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.13.4 with commit a39f61d212d822b3062d7f70fa0588e50e55664e
	Issue introduced in 5.9 with commit 2fbc6e89b2f1403189e624cabaf73e189c5e50c6 and fixed in 6.14 with commit 139512191bd06f1b496117c76372b2ce372c9a41
	Issue introduced in 4.14.200 with commit f415c264176e6095e9dee823e09c5bdd0ee0d337
	Issue introduced in 4.19.148 with commit 98776a365da509ad923083ae54b38ee521c52742
	Issue introduced in 5.4.68 with commit 860e2cc78c697c95bc749abb20047239fa1722ea
	Issue introduced in 5.8.12 with commit 2b1be6c925cdf4638811765a9160796291494b89

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2025-21766
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	net/ipv4/route.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/ce3c6165fce0f06305c806696882a3ad4b90e33f
	https://git.kernel.org/stable/c/ea07480b23225942208f1b754fea1e7ec486d37e
	https://git.kernel.org/stable/c/9b1766d1ff5fe496aabe9fc5f4e34e53f35c11c4
	https://git.kernel.org/stable/c/4583748b65dee4d61bd50a2214715b4237bc152a
	https://git.kernel.org/stable/c/a39f61d212d822b3062d7f70fa0588e50e55664e
	https://git.kernel.org/stable/c/139512191bd06f1b496117c76372b2ce372c9a41