CVE-2025-21762
Published: 27 February 2025
Description
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
Security Summary
CVE-2025-21762 is a use-after-free (UAF) vulnerability in the Linux kernel's ARP implementation, specifically in the arp_xmit() function, which can be invoked without proper RTNL or RCU protection. This flaw, tied to CWE-416, affects the Linux kernel and was published on 2025-02-27 with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability due to its low attack complexity and lack of required user interaction. Successful exploitation could grant high-impact confidentiality, integrity, and availability violations, such as arbitrary kernel memory corruption, potentially leading to privilege escalation, denial of service, or code execution within the kernel context.
Mitigation involves applying the relevant stable kernel patches referenced in the advisory, including commits such as 01d1b5c9abcaff29a43f1d17a19c33eec92c7dbe, 10f555e3f573d004ae9d89b3276abb58c4ede5c3, 2c331718d3389b6c5f6855078ab7171849e016bd, 307cd1e2d3cb1cbc6c40c679cada6d7168b18431, and a42b69f692165ec39db42d595f4f65a4c8f42e44 from git.kernel.org, which introduce RCU protection to arp_xmit() to prevent the UAF.
Details
- CWE(s)