CVE-2025-21865
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2025-21865 is a vulnerability in the Linux kernel. It was identified in the gtp (GTP over IP) subsystem, specifically in the gtp_net_exit_batch_rtnl() function. The for_each_netdev() loop in that function can unlink the same device twice, which corrupts the list. This can occur when the netns (network namespace) of the device's UDP socket is different from the one containing the gtp device. The corruption causes the kernel to crash and panic. The recommended mitigation is to remove the for_each_netdev() loop from gtp_net_exit_batch_rtnl() and delegate the destruction to default_device_exit_batch(), as is done in bareudp. This vulnerability was reported by Brad Spengler and assigned the kernel bug number [0].
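The double unlink described above, as a user-space model added here for illustration; it is not kernel code or the upstream patch. The struct and function names, the poison values and the two-namespace layout (netns 0 holds the UDP socket, netns 1 holds the device, both torn down in one batch) are assumptions of the model.

```c
struct list_head { struct list_head *next, *prev; };
#define POISON_NEXT ((struct list_head *)0x100) /* constructed poison markers */
#define POISON_PREV ((struct list_head *)0x122)

struct gtp_model {              /* hypothetical stand-in for one gtp device */
    struct list_head sock_link; /* entry on the list kept by the UDP socket's netns */
    int dev_netns;              /* netns that contains the device itself */
};

/* Unlink once; a repeat returns -1, the point where list debugging reports corruption. */
static int dellink_model(struct gtp_model *g)
{
    struct list_head *e = &g->sock_link;
    if (e->next == POISON_NEXT || e->prev == POISON_PREV)
        return -1;
    e->prev->next = e->next; e->next->prev = e->prev;
    e->next = POISON_NEXT; e->prev = POISON_PREV;
    return 0;
}

/* Tear down the netns in dying_mask (bit 0 = socket netns, bit 1 = device netns).
 * walk_netdevs=1 models the for_each_netdev() pass, 0 the fix. Returns double unlinks. */
static int teardown_model(int dying_mask, int walk_netdevs, int *unlinks)
{
    struct list_head socks[2];
    struct gtp_model dev = { .dev_netns = 1 };
    int ns, doubles = 0, rc;
    *unlinks = 0;
    for (ns = 0; ns < 2; ns++)
        socks[ns].next = socks[ns].prev = &socks[ns];
    dev.sock_link.next = dev.sock_link.prev = &socks[0]; /* socket in netns 0 */
    socks[0].next = socks[0].prev = &dev.sock_link;
    for (ns = 0; ns < 2; ns++) {
        if (!(dying_mask & (1 << ns))) continue;
        if (walk_netdevs && dev.dev_netns == ns) {      /* devices in this netns */
            rc = dellink_model(&dev); doubles += rc < 0; *unlinks += rc == 0;
        }
        while (socks[ns].next != &socks[ns]) {          /* devices whose socket is here */
            rc = dellink_model((struct gtp_model *)socks[ns].next);
            doubles += rc < 0; *unlinks += rc == 0;
        }
    }
    /* Fix: a device left in a dying netns is destroyed once by the default exit path. */
    if (!walk_netdevs && (dying_mask & 2) && dev.sock_link.next != POISON_NEXT)
        *unlinks += dellink_model(&dev) == 0;
    return doubles;
}

/* Exit status 0: the fixed model tears down both netns with no double unlink. */
int main(void) { int n; return teardown_model(3, 0, &n); }
```

With `walk_netdevs` set to 1 and both namespaces dying, the same entry is reached through two lists and the second unlink is rejected; with it set to 0 the device is still unlinked exactly once.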
Affected Products
- Linux Kernel
Affected Vendors
- LINUX