Use After Free The advisory has been revoked - it doesn't affect any version of package kernel-rt-64k-debug-devel-matched  (opens in a new tab)


Threat Intelligence

EPSS
0.17% (7th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL9-KERNELRT64KDEBUGDEVELMATCHED-13983238
  • published14 Nov 2025
  • disclosed12 Nov 2025

Introduced: 12 Nov 2025

CVE-2025-40170  (opens in a new tab)
CWE-416  (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:9.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-64k-debug-devel-matched package and not the kernel-rt-64k-debug-devel-matched package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

net: use dst_dev_rcu() in sk_setup_caps()

Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size().

Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_forward().

ip4_dst_hoplimit() can use dst_dev_net_rcu().