NVD

CVE-2025-21758 Detail

Modified

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 5.5 MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2	kernel.org	Patch
https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a	kernel.org	Patch
https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3	kernel.org	Patch
https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373	kernel.org	Patch
https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9	kernel.org	Patch
https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1	kernel.org	Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html	CVE

Weakness Enumeration

CWE-ID	CWE Name	Source
NVD-CWE-noinfo	Insufficient Information	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes

Initial Analysis by NIST 10/28/2025 4:50:15 PM

Action	Type	New Value
Added	CVSS V3.1	AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Added	CWE	NVD-CWE-noinfo
Added	CPE Configuration	OR cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.13 up to (excluding) 6.13.4 cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2 up to (excluding) 6.6.79 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.12.16 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16 up to (excluding) 6.1.129 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 2.6.26 up to (excluding) 5.15.179
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1 Types: Patch

New CVE Received from kernel.org 2/26/2025 10:15:16 PM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.
Added	Reference	https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2
Added	Reference	https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a
Added	Reference	https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373
Added	Reference	https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9
Added	Reference	https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1

Quick Info

CVE Dictionary Entry:
CVE-2025-21758
NVD Published Date:
02/26/2025
NVD Last Modified:
11/03/2025
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2025-21758 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CVE 11/03/2025 3:17:14 PM

Initial Analysis by NIST 10/28/2025 4:50:15 PM

CVE Modified by kernel.org 3/13/2025 9:15:52 AM

New CVE Received from kernel.org 2/26/2025 10:15:16 PM

Quick Info