SB2025100969 - Resource management error in Linux kernel ipv4
Published: October 9, 2025
Security Bulletin ID
SB2025100969
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-39955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_disconnect() function in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/17d699727577814198d744d6afe54735c6b54c99
- https://git.kernel.org/stable/c/33a4fdf0b4a25f8ce65380c3b0136b407ca57609
- https://git.kernel.org/stable/c/45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01
- https://git.kernel.org/stable/c/7ec092a91ff351dcde89c23e795b73a328274db6
- https://git.kernel.org/stable/c/a4378dedd6e07e62f2fccb17d78c9665718763d0
- https://git.kernel.org/stable/c/ae313d14b45eca7a6bb29cb9bf396d977e7d28fb
- https://git.kernel.org/stable/c/dfd06131107e7b699ef1e2a24ed2f7d17c917753
- https://git.kernel.org/stable/c/fa4749c065644af4db496b338452a69a3e5147d9