Linux Kernel vulnerability analysis and mitigation
Last updated
Last updated
CVE-2025-21759 affects the Linux kernel's IPv6 multicast functionality. The vulnerability was discovered in February 2025 and involves a potential Use-After-Free (UAF) issue in the igmp6send() function. The vulnerability occurs because igmp6send() can be called without RTNL or RCU being held, which could lead to unsafe network pointer fetching (Kernel Git).
The vulnerability exists in the igmp6send() function within the IPv6 multicast implementation. The issue stems from insufficient RCU (Read-Copy-Update) protection when accessing network namespace pointers. The function previously used sockallocsendskb() which was problematic because ipv6.igmpsk uses GFPKERNEL allocations that can sleep. The fix involves extending RCU protection and using allocskb() instead, while charging the net->ipv6.igmpsk socket under RCU protection (Kernel Git). The vulnerability has been assigned a CVSS v3.1 score of 5.5 (Medium) (Snyk).
The vulnerability could lead to a Use-After-Free condition when handling IPv6 multicast operations. This could potentially result in system crashes or memory corruption. The primary impact is on system availability, with a potential for complete loss of availability while the attack is ongoing (Snyk).
Upgrade ECS10xx/11xx/12xx/25xx to v1.2.115 to fix thisvulnerability.
Upgrade ECS55xx to v2.2.45 to fix this vulnerability.