CVE-2025-21760— ndisc: extend RCU protection in ndisc_send_skb()

AI Predicted 5.9 Difficulty: Hard EPSS 0.19% · P41 Updated May 13, 2026

Affected Version Matrix 18

Vendor	Product	Version Range	Status
Linux	Linux	`1762f7e88eb34f653b4a915be99a102e347dd45e< 10a1f3fece2f0d23a3a618b72b2b4e6f408ef7d1`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< 4d576202b90b1b95a7c428a80b536f91b8201bcc`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< e24d225e4cb8cf108bde00b76594499b98f0a74d`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< a9319d800b5701e7f5e3fa71a5b7c4831fc20d6d`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< ae38982f521621c216fc2f5182cd091f4734641d`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< 789230e5a8c1097301afc802e242c79bc8835c67`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< 04e05112f10354ffc3bb6cc796d553bab161594c`	affected
		`1762f7e88eb34f653b4a915be99a102e347dd45e< ed6ae1f325d3c43966ec1b62ac1459e2b8e45640`	affected
… +10 more rows

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-21760

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

ndisc: extend RCU protection in ndisc_send_skb()

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于ndisc_send_skb函数未使用RCU保护，可能导致释放后重用。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	1762f7e88eb34f653b4a915be99a102e347dd45e ~ 10a1f3fece2f0d23a3a618b72b2b4e6f408ef7d1	-
Linux	Linux	2.6.26	-

II. Public POCs for CVE-2025-21760

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-21760

请登录查看更多情报信息。

Patches & Fixes for CVE-2025-21760 (5)

Other References for CVE-2025-21760 (3)

https://nvd.nist.gov/vuln/detail/CVE-2025-21760

Same Patch Batch · Linux · 2025-02-27 · 177 CVEs total

CVE-2025-21756	7.8 HIGH	vsock: Keep the binding until socket destruction
CVE-2025-21773		can: etas_es58x: fix potential NULL pointer dereference on udev->serial
CVE-2025-21763		neighbour: use RCU protection in __neigh_notify()
CVE-2025-21762		arp: use RCU protection in arp_xmit()
CVE-2025-21764		ndisc: use RCU protection in ndisc_alloc_skb()
CVE-2025-21765		ipv6: use RCU protection in ip6_default_advmss()
CVE-2025-21766		ipv4: use RCU protection in __ip_rt_update_pmtu()
CVE-2025-21767		clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context
CVE-2025-21769		ptp: vmclock: Add .owner to vmclock_miscdev_fops
CVE-2025-21768		net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
CVE-2025-21771		sched_ext: Fix incorrect autogroup migration detection
CVE-2025-21770		iommu: Fix potential memory leak in iopf_queue_remove_device()
CVE-2025-21777		ring-buffer: Validate the persistent meta data subbuf array
CVE-2025-21783		gpiolib: Fix crash on error in gpiochip_get_ngpios()
CVE-2025-21781		batman-adv: fix panic during interface removal
CVE-2025-21780		drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
CVE-2025-21779		KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
CVE-2025-21778		tracing: Do not allow mmap() of persistent ring buffer
CVE-2025-21774		can: rockchip: rkcanfd_handle_rx_fifo_overflow_int(): bail out if skb cannot be allocated
CVE-2025-21772		partitions: mac: fix handling of bogus partition table

Showing top 20 of 177 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2025-21760

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-21760— ndisc: extend RCU protection in ndisc_send_skb()

Affected Version Matrix 18

I. Basic Information for CVE-2025-21760

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-21760

III. Intelligence Information for CVE-2025-21760

Patches & Fixes for CVE-2025-21760 (5)

Other References for CVE-2025-21760 (3)

Same Patch Batch · Linux · 2025-02-27 · 177 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-21760

Leave a comment