Vulnerability in Linux

CVE-2025-40133

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). mptcp_active_enable() is called from subflow_finish_connect(), which is icsk->icsk_af_ops->sk_rx_ds…

EPSS: 0.002 (6.9th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions 27069e7cb3d1cea9377069266acf19b9cc5ad0ae, 6.12, 0

References