[PATCH 6.12.y 0/2] net: dst: Backport fix CVE-2025-40075

Next message: Gyokhan Kochmarla: "[PATCH 1/2] net: dst: introduce dst-&gt;dev_rcu"
Previous message: Danilo Krummrich: "Re: [PATCH 16/46] rust: drm: add __rust_helper to helpers"
Next in thread: Gyokhan Kochmarla: "[PATCH 1/2] net: dst: introduce dst-&gt;dev_rcu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Gyokhan Kochmarla

Date: Mon Dec 15 2025 - 16:52:32 EST

From: Gyokhan Kochmarla <gyokhan@xxxxxxxxxx>

This patch series backports two commits from mainline to fix CVE-2025-40075,
a data race vulnerability in dst->dev access.

The first patch introduces dst->dev_rcu and dst_dev_net_rcu() helper to
provide proper RCU protection with lockdep support. The second patch uses
the new helper in tcp_metrics to eliminate unsafe dst_dev() calls.

These are clean cherry-picks from mainline commits:
- caedcc5b6df1 ("net: dst: introduce dst->dev_rcu")
- 50c127a69cd6 ("tcp_metrics: use dst_dev_net_rcu()")

Eric Dumazet (2):
net: dst: introduce dst->dev_rcu
tcp_metrics: use dst_dev_net_rcu()

include/net/dst.h | 16 +++++++++++-----
net/core/dst.c | 2 +-
net/ipv4/route.c | 4 ++--
net/ipv4/tcp_metrics.c | 6 +++---
4 files changed, 17 insertions(+), 11 deletions(-)

--
2.47.3

Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Geschaeftsfuehrung: Christof Hellmis, Andreas Stieger
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597