CVE-2025-40135

Linux Kernel 4.13-6.17.3 - Use-After-Free in ip6_xmit()

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

Scores

EPSS 0.0020
EPSS Percentile 10.3%

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (17)
linux/Kernel 4.13.0 - 6.1.167linux
linux/Kernel 4.13.0 - 6.17.3linux
linux/Kernel 6.13.0 - 6.17.3linux
linux/Kernel 6.2.0 - 6.6.130linux
linux/Kernel 6.7.0 - 6.12.78linux
Linux/Linux < 4.13
Linux/Linux 4.13
Linux/Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 - 9085e56501d93af9f2d7bd16f7fcfacdde47b99c
Linux/Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 - bd0905e2122e3680968cd0741966983490bf2ed3
Linux/Linux 4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 - f0a54d00d2f36de40266f47c27989853e8588656
... and 7 more
Published Nov 12, 2025
Tracked Since Feb 18, 2026