CVE-2025-40018

UNKNOWN 0.0

ipvs: Defer ip_vs_ftp unregister during netns cleanup

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Oct 24, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

61b1ab4583e275af216c8454b9256de680499b19 < 8a6ecab3847c213ce2855b0378e63ce839085de3 61b1ab4583e275af216c8454b9256de680499b19 < 421b1ae1574dfdda68b835c15ac4921ec0030182 61b1ab4583e275af216c8454b9256de680499b19 < 1d79471414d7b9424d699afff2aa79fff322f52d 61b1ab4583e275af216c8454b9256de680499b19 < 53717f8a4347b78eac6488072ad8e5adbaff38d9 61b1ab4583e275af216c8454b9256de680499b19 < 8cbe2a21d85727b66d7c591fd5d83df0d8c4f757 61b1ab4583e275af216c8454b9256de680499b19 < dc1a481359a72ee7e548f1f5da671282a7c13b8f 61b1ab4583e275af216c8454b9256de680499b19 < a343811ef138a265407167294275201621e9ebb2 61b1ab4583e275af216c8454b9256de680499b19 < 134121bfd99a06d44ef5ba15a9beb075297c0821

Linux / Linux

2.6.39

References

NVD ↗ CVE.org ↗ EPSS Data ↗