CVE-2025-39950 | Linux Kernel up to 6.12.48/6.16.8 tcp_ao_finish_connect null pointer dereference

October 4, 2025 Yanac

A vulnerability has been found in Linux Kernel up to 6.12.48/6.16.8 and classified as critical. Affected is the function tcp_ao_finish_connect. The manipulation leads to null pointer dereference.

This vulnerability is traded as CVE-2025-39950. Access to the local network is required for this attack to succeed. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More