CVE-2025-40158

UNKNOWN 0.0

ipv6: use RCU in ip6_output()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_output2().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Nov 12, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 0393f85c3241c19ba8550f04a812e7d19f6b3082 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 < 11709573cc4e48dc34c80fc7ab9ce5b159e29695

Linux / Linux

4.13

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/0393f85c3241c19ba8550f04a812e7d19f6b3082 git.kernel.org: https://git.kernel.org/stable/c/11709573cc4e48dc34c80fc7ab9ce5b159e29695