Vulnerability in Linux
CVE-2025-40186
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported the splat below in tcp_conn_request(). [0] If a listener is close()d while a TFO socket i…
EPSS: 0.002 (8.1th percentile) — read the EPSS interpretation.
Affected products
- Linux — versions 6.16.9, 5.4.300, dfd06131107e7b699ef1e2a24ed2f7d17c917753