CVE-2025-21635

EUVD-2025-2584
In the Linux kernel, the following vulnerability has been resolved:

rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy

As mentioned in a previous commit of this series, using the 'net'
structure via 'current' is not recommended for different reasons:

- Inconsistency: getting info from the reader's/writer's netns vs only
  from the opener's netns.

- current->nsproxy can be NULL in some cases, resulting in an 'Oops'
  (null-ptr-deref), e.g. when the current task is exiting, as spotted by
  syzbot [1] using acct(2).

The per-netns structure can be obtained from the table->data using
container_of(), then the 'net' one can be retrieved from the listen
socket (if available).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.6 ≤
𝑥
< 6.12.10
linuxlinux_kernel
6.13:rc1
linuxlinux_kernel
6.13:rc2
linuxlinux_kernel
6.13:rc3
linuxlinux_kernel
6.13:rc4
linuxlinux_kernel
6.13:rc5
linuxlinux_kernel
6.13:rc6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.19.14-1
fixed
sid
7.0.4-1
fixed
trixie
6.12.73-1
fixed
trixie (security)
6.12.86-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
dlm-kmp-default
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
gfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
kernel-64kb
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.34.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.34.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-default
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-default-base
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2.150600.12.20.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2.150600.12.20.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2.150600.12.20.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1.150700.17.2.1
fixed
kernel-default-man
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
kernel-docs
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-macros
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-source
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-source-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.34.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.34.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-syms
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
kernel-syms-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.34.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.34.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.3.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.3.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.47.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.3.1
fixed
ocfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.258.1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/7f5611cbc4871c7fb1ad36c2e5a9edad63dca95c
https://git.kernel.org/stable/c/de8d6de0ee27be4b2b1e5b06f04aeacbabbba492