CVE-2025-38248
bridge: mcast: Fix use-after-free during router port configuration
References
Notes
carnil> Introduced in 2796d846d74a ("net: bridge: vlan: convert mcast router global
carnil> option to per-vlan entry")
carnil> 4b30ae9adb04 ("net: bridge: mcast: re-implement br_multicast_{enable,
carnil> disable}_port functions"). Vulnerable versions: 5.15.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.16-rc4) [7544f3f5b0b58c396f374d060898b5939da31709]
|
| 6.19-upstream-stable |
N/A "Fixed before branching point"
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.15-upstream-stable |
released (6.15.5) [f05a4f9e959e0fc098046044c650acf897ea52d2]
|
| 6.12-upstream-stable |
released (6.12.67) [bdced577da71b118b6ed4242ebd47f81bf54d406]
|
| 6.6-upstream-stable |
released (6.6.122) [4d3c2a1d4c7c33103f1ddfdbc5cfe1ea4f6d0dcd]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
N/A "Vulnerable code not present"
|
| sid |
released (6.16.3-1)
|
| 6.12-trixie-security |
released (6.12.69-1)
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
N/A "Vulnerable code not present"
|
