Wind River Support Network

Acknowledged

LIN1024-12971 : Security Advisory - linux - CVE-2025-40018

Created: Oct 26, 2025    Updated: Oct 28, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

ipvs: Defer ip_vs_ftp unregister during netns cleanup

On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free.

Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.
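
The ordering described above, as an added user-space model in C. It is not kernel code and not part of the advisory or the upstream patch. The struct layouts, the with_fix parameter and the function names ftp_pernet_exit, netns_cleanup and module_exit_unregisters are assumptions made for illustration, and a "stale" counter stands in for the use-after-free.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: hypothetical stand-ins, not kernel code. */
struct app  { bool registered; };
struct conn { struct app *app; };          /* models cp->app */
static bool exiting_module;                /* models the flag added by the fix */

/* Models __ip_vs_ftp_exit(), the per-netns exit handler. */
static void ftp_pernet_exit(struct app *ftp, bool with_fix)
{
    if (with_fix && !exiting_module)
        return;                            /* netns cleanup: defer to batch step */
    ftp->registered = false;               /* module exit, or pre-fix behaviour */
}

/* Netns cleanup in the advisory's order; returns the number of connections
 * that still pointed at an already-unregistered app when they were flushed. */
int netns_cleanup(bool with_fix)
{
    struct app ftp = { .registered = true };
    struct conn conns[3] = { { &ftp }, { &ftp }, { &ftp } };
    int stale = 0;
    exiting_module = false;                /* this is not a module unload */
    ftp_pernet_exit(&ftp, with_fix);       /* runs before the flush */
    for (int i = 0; i < 3; i++) {          /* flush connections */
        if (!conns[i].app->registered)
            stale++;                       /* in the kernel: use-after-free */
        conns[i].app = NULL;
    }
    ftp.registered = false;                /* models __ip_vs_cleanup_batch() */
    return stale;
}

/* Module exit: the flag is set first, so the handler unregisters at once. */
bool module_exit_unregisters(void)
{
    struct app ftp = { .registered = true };
    exiting_module = true;
    ftp_pernet_exit(&ftp, true);
    return !ftp.registered;
}

int main(void)
{
    printf("stale refs before fix: %d\n", netns_cleanup(false));
    printf("stale refs with fix:   %d\n", netns_cleanup(true));
    return 0;
}
```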