CVE-2025-40257 | Linux Kernel up to 6.6.117/6.12.59/6.17.9 mptcp_pm_del_add_timer use after free

A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.117/6.12.59/6.17.9. The impacted element is the function mptcp_pm_del_add_timer. Executing manipulation of the argument add_timer can lead to use after free.

This vulnerability is registered as CVE-2025-40257. The attack requires access to the local network. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More