CVE-2025-40075 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

tcp_metrics: use dst_dev_net_rcu()

Replace three dst_dev() with a lockdep enabled helper.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/07613a95326ebad2d1b88d883cd72546025a4f3e
https://git.kernel.org/stable/c/50c127a69cd6285300931853b352a1918cfa180f

History

Tue, 28 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: use dst_dev_net_rcu() Replace three dst_dev() with a lockdep enabled helper.
Title		tcp_metrics: use dst_dev_net_rcu()
References		https://git.kernel.org/stable/c/07613a95326ebad2d1b88d883cd72546025a4f3e https://git.kernel.org/stable/c/50c127a69cd6285300931853b352a1918cfa180f

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-28T11:48:41.791Z

Updated: 2025-10-28T11:48:41.791Z

Reserved: 2025-04-16T07:20:57.160Z

Link: CVE-2025-40075

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-28T12:15:42.053

Modified: 2025-10-28T12:15:42.053

Link: CVE-2025-40075

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40075", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.160Z", "datePublished": "2025-10-28T11:48:41.791Z", "dateUpdated": "2025-10-28T11:48:41.791Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-28T11:48:41.791Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_metrics: use dst_dev_net_rcu()\n\nReplace three dst_dev() with a lockdep enabled helper."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_metrics.c"], "versions": [{"version": "4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36", "lessThan": "07613a95326ebad2d1b88d883cd72546025a4f3e", "status": "affected", "versionType": "git"}, {"version": "4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36", "lessThan": "50c127a69cd6285300931853b352a1918cfa180f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_metrics.c"], "versions": [{"version": "4.13", "status": "affected"}, {"version": "0", "lessThan": "4.13", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.3", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.17.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.18-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/07613a95326ebad2d1b88d883cd72546025a4f3e"}, {"url": "https://git.kernel.org/stable/c/50c127a69cd6285300931853b352a1918cfa180f"}], "title": "tcp_metrics: use dst_dev_net_rcu()", "x_generator": {"engine": "bippy-1.2.0"}}}}