CVE-2025-21635
Jan. 19, 2025, 11:15 a.m.
None
No Score
Description
In the Linux kernel, the following vulnerability has been resolved:
rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
As mentioned in a previous commit of this series, using the 'net'
structure via 'current' is not recommended for different reasons:
- Inconsistency: getting info from the reader's/writer's netns vs only
from the opener's netns.
- current->nsproxy can be NULL in some cases, resulting in an 'Oops'
(null-ptr-deref), e.g. when the current task is exiting, as spotted by
syzbot [1] using acct(2).
The per-netns structure can be obtained from the table->data using
container_of(), then the 'net' one can be retrieved from the listen
socket (if available).
Product(s) Impacted
| Product | Versions |
|---|---|
| Linux kernel |
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
Tags
Timeline
Published: Jan. 19, 2025, 11:15 a.m.
Last Modified: Jan. 19, 2025, 11:15 a.m.
Last Modified: Jan. 19, 2025, 11:15 a.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
416baaa9-dc9f-4396-8d5f-8c081fb06d67
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.