VYPR
Medium severity5.5NVD Advisory· Published Jan 31, 2025· Updated Jun 17, 2026

CVE-2025-21669

CVE-2025-21669

Description

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: discard packets if the transport changes

If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when we access vsk->transport.

A possible scenario is described by Hyunwoo Kim in the attached link, where after a first connect() interrupted by a signal, and a second connect() failed, we can find vsk->transport at NULL, leading to a NULL pointer dereference.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

71

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.