CVE-2025-21641

MEDIUM 5.5

mptcp: sysctl: blackhole timeout: avoid using current->nsproxy

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: blackhole timeout: avoid using current->nsproxy As mentioned in the previous commit, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acct(2). The 'pernet' structure can be obtained from the table->data using container_of().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jan 19, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

27069e7cb3d1cea9377069266acf19b9cc5ad0ae < 4c74fbdc5ab95b13945be01e6065940b68222db7 27069e7cb3d1cea9377069266acf19b9cc5ad0ae < 92cf7a51bdae24a32c592adcdd59a773ae149289

Linux / Linux

6.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/4c74fbdc5ab95b13945be01e6065940b68222db7 git.kernel.org: https://git.kernel.org/stable/c/92cf7a51bdae24a32c592adcdd59a773ae149289