CVE-2025-40186Premature Release of Resource During Expected Lifetime in Linux

CWE-826Premature Release of Resource During Expected Lifetime15 documents6 sources
Severity
7.0HIGH
No vector
EPSS
0.0%
top 87.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedNov 12
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported the splat below in tcp_conn_request(). [0] If a listener is close()d while a TFO socket is being processed in tcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk->sk and calls inet_child_forget(), which calls tcp_disconnect() for the TFO socket. After the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(), where reqsk_put()

Affected Packages6 packages

Linuxlinux/linux_kernel5.5.05.10.246+6
Debianlinux/linux_kernel< 5.10.247-1+3
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linux7ec092a91ff351dcde89c23e795b73a328274db6e359b742eac1eac75cff4e38ee2e8cea492acd9b+9
debiandebian/linux< linux 6.1.158-1 (bookworm)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

6
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability2025-11-12