#VU104943 Use-after-free in Linux kernel - CVE-2025-21763

Cybersecurity Help s.r.o.

Published: 2025-02-27

Vulnerability identifier: #VU104943

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21763

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __neigh_notify() function in net/core/neighbour.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/1cbb2aa90cd3fba15ad7efb5cdda28f3d1082379
https://git.kernel.org/stable/c/559307d25235e24b5424778c7332451b6c741159
https://git.kernel.org/stable/c/784eb2376270e086f7db136d154b8404edacf97b
https://git.kernel.org/stable/c/becbd5850c03ed33b232083dd66c6e38c0c0e569
https://git.kernel.org/stable/c/cdd5c2a12ddad8a77ce1838ff9f29aa587de82df

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Use-after-free in Linux kernel core