Acknowledged
Created: Jul 3, 2025
Updated: Jul 8, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]net: Fix TOCTOU issue in sk_is_readable()[EOL][EOL]sk->sk_prot->sock_is_readable is a valid function pointer when sk resides[EOL]in a sockmap. After the last sk_psock_put() (which usually happens when[EOL]socket is removed from sockmap), sk->sk_prot gets restored and[EOL]sk->sk_prot->sock_is_readable becomes NULL.[EOL][EOL]This makes sk_is_readable() racy, if the value of sk->sk_prot is reloaded[EOL]after the initial check. Which in turn may lead to a null pointer[EOL]dereference.[EOL][EOL]Ensure the function pointer does not turn NULL after the check.
CREATE(Triage):(User=lchen-cn) [CVE-2025-38112 (https://nvd.nist.gov/vuln/detail/CVE-2025-38112)
