CVE-2025-40075
Description
In the Linux kernel, the following vulnerability has been resolved:
tcp_metrics: use dst_dev_net_rcu()
Replace three dst_dev() with a lockdep enabled helper.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel, tcp_metrics replaces dst_dev() calls with dst_dev_net_rcu() to properly enable lockdep checking.
The vulnerability resides in the tcp_metrics subsystem of the Linux kernel. The code used the dst_dev() function without appropriate RCU lockdep annotation, which could lead to missing or false-positive lockdep warnings. The fix replaces three instances of dst_dev() with the lockdep-enabled helper dst_dev_net_rcu(), ensuring proper lock class tracking.
Exploitation requires triggering the code paths that invoke dst_dev() within tcp_metrics. An attacker with network access could potentially induce such paths by sending crafted network traffic that causes the kernel to evaluate tcp_metrics, though the specific prerequisites are minimal beyond general network reachability.
The primary impact is on system stability and debugging accuracy. Improper lockdep annotations can cause lockdep to either miss real locking bugs or report spurious warnings, potentially leading to undetected deadlocks or system crashes in production environments.
The fix has been committed to the Linux kernel stable tree as commit 50c127a69cd6. Users are advised to update to a kernel version containing this commit to ensure correct lockdep behavior.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (3)
4b89397807eb
07613a95326e
50c127a69cd6
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (3)
News mentions (0)
No linked articles in our index yet.