CVE-2025-21642
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's MPTCP subsystem when accessing network namespace data via current->nsproxy during task exit. It allows local attackers to cause a kernel panic (denial of service) by triggering the vulnerable code path. Only Linux systems with MPTCP enabled are affected.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially disrupting all services on the affected system.
Likely Case
Local denial of service through kernel panic when specific conditions are met during process termination.
If Mitigated
No impact if MPTCP is disabled or the system is patched.
🎯 Exploit Status
Exploitation requires local access and triggering the specific code path during process exit. Found by syzbot fuzzer.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 6035702381c35a8f16757332381e58b348a9eaf9, c0e394fd6b887e84da17e38aaa6c1c104f9c86c2, d38e26e36206ae3d544d496513212ae931d1da0a)
Vendor Advisory: https://git.kernel.org/stable/c/6035702381c35a8f16757332381e58b348a9eaf9
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution's repositories. 2. Rebuild kernel if using custom builds with the provided patches. 3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable MPTCP
linuxDisable the MPTCP subsystem if not required, eliminating the vulnerability.
echo 0 > /proc/sys/net/mptcp/enabled
sysctl -w net.mptcp.enabled=0
🧯 If You Can't Patch
- Disable MPTCP using sysctl or kernel boot parameters
- Restrict local user access to prevent exploitation
🔍 How to Verify
Check if Vulnerable:
Check if MPTCP is enabled: cat /proc/sys/net/mptcp/enabled (if 1, potentially vulnerable if unpatched)Check Version:
uname -rVerify Fix Applied:
Check kernel version against patched versions from your distribution. Verify MPTCP functions normally after patch.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs mentioning 'general protection fault' in proc_scheduler+0xc6
- NULL pointer dereference errors in kernel logs
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
kernel: *general protection fault* AND *proc_scheduler* OR kernel: *NULL pointer dereference* AND *mptcp*