CVE-2025-40258 | Linux Kernel up to 6.6.117/6.12.59/6.17.9 mptcp lib/refcount.c mptcp_schedule_work use after free

December 4, 2025 Yanac

A vulnerability has been found in Linux Kernel up to 6.6.117/6.12.59/6.17.9 and classified as critical. Affected by this vulnerability is the function mptcp_schedule_work in the library lib/refcount.c of the component mptcp. Performing manipulation results in use after free.

This vulnerability was named CVE-2025-40258. The attack needs to be approached within the local network. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More