CVE-2025-21758
📋 TL;DR
A race condition vulnerability in the Linux kernel's IPv6 multicast implementation where mld_newpack() function can be called without proper RCU (Read-Copy-Update) protection. This could lead to use-after-free conditions or kernel crashes. Affects Linux systems with IPv6 enabled and multicast functionality.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially allowing local privilege escalation if combined with other vulnerabilities.
Likely Case
System instability, kernel crashes, or denial of service affecting IPv6 multicast operations.
If Mitigated
Minimal impact with proper kernel hardening and IPv6 multicast not in critical use.
🎯 Exploit Status
Exploitation requires local access and ability to trigger IPv6 multicast operations. Race conditions are timing-sensitive and harder to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with commits: 1b91c597b0214b1b462eb627ec02658c944623f2, 25195f9d5ffcc8079ad743a50c0409dbdc48d98a, 29fa42197f26a97cde29fa8c40beddf44ea5c8f3, a527750d877fd334de87eef81f1cb5f0f0ca3373, d60d493b0e65647e0335e6a7c4547abcea7df8e9
Vendor Advisory: https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable IPv6 Multicast
linuxDisable IPv6 multicast functionality to prevent triggering vulnerable code path
sysctl -w net.ipv6.conf.all.mc_forwarding=0
sysctl -w net.ipv6.conf.default.mc_forwarding=0
Disable IPv6 Entirely
linuxCompletely disable IPv6 if not required
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
🧯 If You Can't Patch
- Implement strict access controls to limit local user privileges
- Monitor system logs for kernel panics or instability related to IPv6 multicast operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with patched versions from kernel git repositoryCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes one of the fix commits: grep -q '1b91c597b0214b1b462eb627ec02658c944623f2\|25195f9d5ffcc8079ad743a50c0409dbdc48d98a\|29fa42197f26a97cde29fa8c40beddf44ea5c8f3\|a527750d877fd334de87eef81f1cb5f0f0ca3373\|d60d493b0e65647e0335e6a7c4547abcea7df8e9' /proc/version📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- IPv6 multicast-related errors
- System crash/reboot events
Network Indicators:
- Unusual IPv6 multicast traffic patterns
- System instability during IPv6 multicast operations
SIEM Query:
source="kern.log" AND ("panic" OR "Oops" OR "general protection fault") AND ("mld" OR "multicast" OR "ipv6")🔗 References
- https://git.kernel.org/stable/c/1b91c597b0214b1b462eb627ec02658c944623f2
- https://git.kernel.org/stable/c/25195f9d5ffcc8079ad743a50c0409dbdc48d98a
- https://git.kernel.org/stable/c/29fa42197f26a97cde29fa8c40beddf44ea5c8f3
- https://git.kernel.org/stable/c/a527750d877fd334de87eef81f1cb5f0f0ca3373
- https://git.kernel.org/stable/c/d60d493b0e65647e0335e6a7c4547abcea7df8e9
- https://git.kernel.org/stable/c/e8af3632a7f2da83e27b083f787bced1faba00b1
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
