CVE-2025-21764

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 27, 2025

Updated: Mar 13, 2025

CWE ID 416

Summary

CVE-2025-21764 is a newly identified vulnerability in the Linux kernel. Specifically, an issue was discovered with the function ndisc_alloc_skb(), which can be called without the necessary RTNL or RCU (Read-Copy-Update) locks. This lack of protection can potentially lead to a Use-After-Free (UAF) condition. To address this issue, RCU protection has been added to the function to ensure proper synchronization and prevent potential memory corruption.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3xm295
https://www.cve.org/CVERecord?id=CVE-2025-21764
https://nvd.nist.gov/vuln/detail/CVE-2025-21764

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-21764

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations