DEBIAN-CVE-2025-40135

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2025-40135
Published: 12 Nov 2025, 11:15
Last modified:02 May 2026, 10:00

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Nov 2025, 11:15
Published
Vulnerability first disclosed
02 May 2026, 10:00
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.

Affected Systems

  • debianlinux

    all | all | all | < 6.1.170-1 | < 6.12.85-1 | < 6.17.6-1

  • debianlinux-6.1

    < 6.1.170-1~deb11u1

References (1)