In the Linux kernel, the following vulnerability has been resolved:
net: better track kernel sockets lifetime
While kernel sockets are dismantled during pernetoperations->exit(), their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skbsetownerw() prior calls.
This then trigger the following warning from reftrackerdir_exit() [1]
To fix this, make sure that kernel sockets own a reference on net->passive.
Add sknetrefcnt_upgrade() helper, used whenever a kernel socket is converted to a refcounted one.
[1]
[ 136.263918][ T35] reftracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at [ 136.263918][ T35] skalloc+0x2b3/0x370 [ 136.263918][ T35] inet6create+0x6ce/0x10f0 [ 136.263918][ T35] _sockcreate+0x4c0/0xa30 [ 136.263918][ T35] inetctlsockcreate+0xc2/0x250 [ 136.263918][ T35] igmp6netinit+0x39/0x390 [ 136.263918][ T35] opsinit+0x31e/0x590 [ 136.263918][ T35] setupnet+0x287/0x9e0 [ 136.263918][ T35] copynetns+0x33f/0x570 [ 136.263918][ T35] createnewnamespaces+0x425/0x7b0 [ 136.263918][ T35] unsharensproxynamespaces+0x124/0x180 [ 136.263918][ T35] ksysunshare+0x57d/0xa70 [ 136.263918][ T35] _x64sysunshare+0x38/0x40 [ 136.263918][ T35] dosyscall64+0xf3/0x230 [ 136.263918][ T35] entrySYSCALL64afterhwframe+0x77/0x7f [ 136.263918][ T35] [ 136.343488][ T35] reftracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at [ 136.343488][ T35] skalloc+0x2b3/0x370 [ 136.343488][ T35] inet6create+0x6ce/0x10f0 [ 136.343488][ T35] _sockcreate+0x4c0/0xa30 [ 136.343488][ T35] inetctlsockcreate+0xc2/0x250 [ 136.343488][ T35] ndiscnetinit+0xa7/0x2b0 [ 136.343488][ T35] opsinit+0x31e/0x590 [ 136.343488][ T35] setupnet+0x287/0x9e0 [ 136.343488][ T35] copynetns+0x33f/0x570 [ 136.343488][ T35] createnewnamespaces+0x425/0x7b0 [ 136.343488][ T35] unsharensproxynamespaces+0x124/0x180 [ 136.343488][ T35] ksysunshare+0x57d/0xa70 [ 136.343488][ T35] _x64sysunshare+0x38/0x40 [ 136.343488][ T35] dosyscall64+0xf3/0x230 [ 136.343488][ T35] entrySYSCALL64afterhwframe+0x77/0x7f
[
{
"signature_type": "Function",
"target": {
"function": "smc_create_clcsk",
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"function_hash": "256719362092566788276425534786176537353",
"length": 454.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-008d2efd"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"307950930657288716725909654150840597519",
"136186424563951438989528421514442869757",
"51640694766348621686102104700545056467",
"32908006356526877743250698109337009304",
"205665512665232505152413767460040950131",
"192269166044464760472325615756760965929",
"12166910369276296911939358894367226412"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-08ca0f86"
},
{
"signature_type": "Function",
"target": {
"function": "rds_tcp_tune",
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"function_hash": "12471898206548186134819899401200269678",
"length": 716.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-0e33c484"
},
{
"signature_type": "Function",
"target": {
"function": "svc_create_socket",
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286677212632872951560197876357152942406",
"length": 1491.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-133b4069"
},
{
"signature_type": "Function",
"target": {
"function": "sk_clone_lock",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "117130680780162225193399035711644006644",
"length": 2130.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-1bce68e0"
},
{
"signature_type": "Function",
"target": {
"function": "__sk_destruct",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286644204726089909913475599740903795708",
"length": 936.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-31aeedf4"
},
{
"signature_type": "Line",
"target": {
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"236088172862425845712261038674672433961",
"93265690075294321697964030767868789191",
"24677585738707729308791528382912308217",
"31089885083331397419270816813772655471",
"295700965112063947198303950396974521296",
"231546431655631528530927814820232830757",
"5736941706149015180614400848916853300"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-34631f4f"
},
{
"signature_type": "Function",
"target": {
"function": "sk_alloc",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "268086479889213382134793301030235073148",
"length": 766.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-359277d5"
},
{
"signature_type": "Function",
"target": {
"function": "xs_create_sock",
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "100070329339329902306656409033534547757",
"length": 897.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-35b50cac"
},
{
"signature_type": "Line",
"target": {
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"141336215415985427734016960355479746479",
"284698883761470595656082495984271677578",
"108168907792882723527330016306636433050",
"158070046319867633673417613881372050119",
"95871390661071030785508175163908889282",
"230976925263260811306569555470003202071",
"105763296272034989838839795320660968169",
"130898485162419807463495087972094238877",
"159639124293868073661210403204473935677"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-37cdb23b"
},
{
"signature_type": "Line",
"target": {
"file": "include/net/sock.h"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"249231734056517454551617276240424683651",
"164081775513012287067200994340799324248",
"193608209743662360576315878512019987359",
"225517772562865775334177086914545674423"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-3a942ca3"
},
{
"signature_type": "Line",
"target": {
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"127033756800017366486149552373676821492",
"24640663471665121914412586227080050090",
"171075180454151949623263463426137581699",
"108366913328043758091429369333516486572",
"326007615764622194519398332563504095301",
"310007677610885067521273830021915029320",
"174314602845949684153200731991087059400"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-3b160212"
},
{
"signature_type": "Line",
"target": {
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"305914535419521362942388380350548339241",
"112183131377298823644488762719601797481",
"254016745538726784614126042466544010217",
"106910148216479816936764481975338050127",
"200214550766112117586343300937445335561",
"268640561597700754230391443091738875289",
"285613745119146382207744623778780476340",
"49752502145978962804899181493858896412",
"83837747160789880859463550306523001052",
"9175882924778317619700504377094769719",
"39236133697239441990012506581497449408",
"29664592067419478409943695296059621364",
"329521414005833096548685179294250765202",
"214665848913796303109578709499776732306",
"133790807352223579723064732679869153348",
"82590907911107551587515541063833356835",
"149833827970674473693794682797080052324",
"115984482385050236160180700389393054800",
"221970316642980905389884593090578380499",
"36435985625445078065369023329184384490"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-3cc92efa"
},
{
"signature_type": "Function",
"target": {
"function": "rds_tcp_tune",
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"function_hash": "12471898206548186134819899401200269678",
"length": 716.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-3e3b3bcb"
},
{
"signature_type": "Line",
"target": {
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"141336215415985427734016960355479746479",
"284698883761470595656082495984271677578",
"108168907792882723527330016306636433050",
"158070046319867633673417613881372050119",
"95871390661071030785508175163908889282",
"230976925263260811306569555470003202071",
"105763296272034989838839795320660968169",
"130898485162419807463495087972094238877",
"159639124293868073661210403204473935677"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-49484307"
},
{
"signature_type": "Line",
"target": {
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"305914535419521362942388380350548339241",
"112183131377298823644488762719601797481",
"254016745538726784614126042466544010217",
"106910148216479816936764481975338050127",
"200214550766112117586343300937445335561",
"268640561597700754230391443091738875289",
"285613745119146382207744623778780476340",
"49752502145978962804899181493858896412",
"83837747160789880859463550306523001052",
"9175882924778317619700504377094769719",
"39236133697239441990012506581497449408",
"29664592067419478409943695296059621364",
"329521414005833096548685179294250765202",
"214665848913796303109578709499776732306",
"133790807352223579723064732679869153348",
"82590907911107551587515541063833356835",
"149833827970674473693794682797080052324",
"115984482385050236160180700389393054800",
"221970316642980905389884593090578380499",
"36435985625445078065369023329184384490"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-4989bde8"
},
{
"signature_type": "Function",
"target": {
"function": "svc_create_socket",
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286677212632872951560197876357152942406",
"length": 1491.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-4a5ef369"
},
{
"signature_type": "Function",
"target": {
"function": "netlink_release",
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"function_hash": "44112798673460245865280628723641645076",
"length": 1988.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-4bf16f76"
},
{
"signature_type": "Function",
"target": {
"function": "svc_create_socket",
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286677212632872951560197876357152942406",
"length": 1491.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-4c208736"
},
{
"signature_type": "Line",
"target": {
"file": "include/net/sock.h"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"249231734056517454551617276240424683651",
"164081775513012287067200994340799324248",
"193608209743662360576315878512019987359",
"225517772562865775334177086914545674423"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-4d56d609"
},
{
"signature_type": "Function",
"target": {
"function": "rds_tcp_tune",
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"function_hash": "12471898206548186134819899401200269678",
"length": 716.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-4e980d2f"
},
{
"signature_type": "Function",
"target": {
"function": "xs_create_sock",
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "100070329339329902306656409033534547757",
"length": 897.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-4f02b64e"
},
{
"signature_type": "Line",
"target": {
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"93178759624674347966015199623991294686",
"329811547692554098721565035253285462870",
"148409428160958472968861611745553698609",
"19240828158666794975228066633972752768",
"154305308568774963486908385326186209609",
"104478181583527860917150693392355359425",
"91383843021195663255973657458205258897"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-54260cd9"
},
{
"signature_type": "Line",
"target": {
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"236088172862425845712261038674672433961",
"93265690075294321697964030767868789191",
"24677585738707729308791528382912308217",
"31089885083331397419270816813772655471",
"295700965112063947198303950396974521296",
"231546431655631528530927814820232830757",
"5736941706149015180614400848916853300"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-5c4e360c"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"276624081406943755219655411064354947325",
"166318654010887172409039361907714386217",
"336522175593249010430878955251741300847",
"71690991337452981053210141184698921280",
"338081336241356531637481037319647291582",
"302860402094104156179953974168163282269",
"209280845965807585593291172744645941393",
"192439318792175391070037210111400364406",
"322836280684281852996865787831957369166"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-61066cee"
},
{
"signature_type": "Function",
"target": {
"function": "__sk_destruct",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286644204726089909913475599740903795708",
"length": 936.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-683d514e"
},
{
"signature_type": "Line",
"target": {
"file": "include/net/sock.h"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"249231734056517454551617276240424683651",
"164081775513012287067200994340799324248",
"193608209743662360576315878512019987359",
"225517772562865775334177086914545674423"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-6d4075eb"
},
{
"signature_type": "Function",
"target": {
"function": "sk_clone_lock",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "117130680780162225193399035711644006644",
"length": 2130.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-74a37b87"
},
{
"signature_type": "Line",
"target": {
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"106292570617562970038753268968487235147",
"209725297833406767157341106052156104069",
"24677585738707729308791528382912308217",
"31089885083331397419270816813772655471",
"295700965112063947198303950396974521296",
"231546431655631528530927814820232830757",
"5736941706149015180614400848916853300"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-7d453e9a"
},
{
"signature_type": "Function",
"target": {
"function": "smc_create_clcsk",
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"function_hash": "170847612911990290823217138238295206849",
"length": 429.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-7dad64f3"
},
{
"signature_type": "Function",
"target": {
"function": "sk_alloc",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "268086479889213382134793301030235073148",
"length": 766.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-80e2efa9"
},
{
"signature_type": "Function",
"target": {
"function": "smc_create_clcsk",
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"function_hash": "170847612911990290823217138238295206849",
"length": 429.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-84ee572f"
},
{
"signature_type": "Line",
"target": {
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"93178759624674347966015199623991294686",
"329811547692554098721565035253285462870",
"148409428160958472968861611745553698609",
"19240828158666794975228066633972752768",
"154305308568774963486908385326186209609",
"104478181583527860917150693392355359425",
"91383843021195663255973657458205258897"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-8a4d8a50"
},
{
"signature_type": "Function",
"target": {
"function": "xs_create_sock",
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "100070329339329902306656409033534547757",
"length": 897.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-8b12c19f"
},
{
"signature_type": "Function",
"target": {
"function": "mptcp_subflow_create_socket",
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"function_hash": "20619638557637277381173663145472722551",
"length": 1240.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-8c9a1793"
},
{
"signature_type": "Function",
"target": {
"function": "mptcp_subflow_create_socket",
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"function_hash": "20619638557637277381173663145472722551",
"length": 1240.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-8e63fb92"
},
{
"signature_type": "Function",
"target": {
"function": "mptcp_subflow_create_socket",
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"function_hash": "282839748260627802711031541815271422812",
"length": 1157.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-9111d0a9"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"276624081406943755219655411064354947325",
"166318654010887172409039361907714386217",
"336522175593249010430878955251741300847",
"71690991337452981053210141184698921280",
"338081336241356531637481037319647291582",
"302860402094104156179953974168163282269",
"209280845965807585593291172744645941393",
"192439318792175391070037210111400364406",
"322836280684281852996865787831957369166"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-91b1da81"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"307950930657288716725909654150840597519",
"136186424563951438989528421514442869757",
"51640694766348621686102104700545056467",
"32908006356526877743250698109337009304",
"205665512665232505152413767460040950131",
"192269166044464760472325615756760965929",
"12166910369276296911939358894367226412"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-97f4ef59"
},
{
"signature_type": "Function",
"target": {
"function": "netlink_release",
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"function_hash": "44112798673460245865280628723641645076",
"length": 1988.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-981734fc"
},
{
"signature_type": "Line",
"target": {
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"305914535419521362942388380350548339241",
"112183131377298823644488762719601797481",
"254016745538726784614126042466544010217",
"106910148216479816936764481975338050127",
"200214550766112117586343300937445335561",
"268640561597700754230391443091738875289",
"285613745119146382207744623778780476340",
"49752502145978962804899181493858896412",
"83837747160789880859463550306523001052",
"9175882924778317619700504377094769719",
"39236133697239441990012506581497449408",
"29664592067419478409943695296059621364",
"329521414005833096548685179294250765202",
"214665848913796303109578709499776732306",
"133790807352223579723064732679869153348",
"82590907911107551587515541063833356835",
"149833827970674473693794682797080052324",
"115984482385050236160180700389393054800",
"221970316642980905389884593090578380499",
"36435985625445078065369023329184384490"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-9d4abd6f"
},
{
"signature_type": "Line",
"target": {
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"93178759624674347966015199623991294686",
"329811547692554098721565035253285462870",
"148409428160958472968861611745553698609",
"19240828158666794975228066633972752768",
"154305308568774963486908385326186209609",
"104478181583527860917150693392355359425",
"91383843021195663255973657458205258897"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-9e897bb9"
},
{
"signature_type": "Line",
"target": {
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"305914535419521362942388380350548339241",
"112183131377298823644488762719601797481",
"254016745538726784614126042466544010217",
"106910148216479816936764481975338050127",
"200214550766112117586343300937445335561",
"268640561597700754230391443091738875289",
"285613745119146382207744623778780476340",
"49752502145978962804899181493858896412",
"83837747160789880859463550306523001052",
"9175882924778317619700504377094769719",
"39236133697239441990012506581497449408",
"29664592067419478409943695296059621364",
"329521414005833096548685179294250765202",
"214665848913796303109578709499776732306",
"133790807352223579723064732679869153348",
"82590907911107551587515541063833356835",
"149833827970674473693794682797080052324",
"115984482385050236160180700389393054800",
"221970316642980905389884593090578380499",
"36435985625445078065369023329184384490"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-9f99bf0a"
},
{
"signature_type": "Function",
"target": {
"function": "sk_clone_lock",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "117130680780162225193399035711644006644",
"length": 2130.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-a146c1a8"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"307950930657288716725909654150840597519",
"136186424563951438989528421514442869757",
"51640694766348621686102104700545056467",
"32908006356526877743250698109337009304",
"205665512665232505152413767460040950131",
"192269166044464760472325615756760965929",
"12166910369276296911939358894367226412"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-a1f42fd9"
},
{
"signature_type": "Function",
"target": {
"function": "xs_create_sock",
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "100070329339329902306656409033534547757",
"length": 897.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-a4649586"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"276624081406943755219655411064354947325",
"166318654010887172409039361907714386217",
"336522175593249010430878955251741300847",
"71690991337452981053210141184698921280",
"338081336241356531637481037319647291582",
"302860402094104156179953974168163282269",
"209280845965807585593291172744645941393",
"192439318792175391070037210111400364406",
"322836280684281852996865787831957369166"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-a6c22646"
},
{
"signature_type": "Line",
"target": {
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"93178759624674347966015199623991294686",
"329811547692554098721565035253285462870",
"148409428160958472968861611745553698609",
"19240828158666794975228066633972752768",
"154305308568774963486908385326186209609",
"104478181583527860917150693392355359425",
"91383843021195663255973657458205258897"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-a8bb054d"
},
{
"signature_type": "Function",
"target": {
"function": "smc_create_clcsk",
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"function_hash": "170847612911990290823217138238295206849",
"length": 429.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-a9341209"
},
{
"signature_type": "Line",
"target": {
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"141336215415985427734016960355479746479",
"284698883761470595656082495984271677578",
"108168907792882723527330016306636433050",
"158070046319867633673417613881372050119",
"95871390661071030785508175163908889282",
"230976925263260811306569555470003202071",
"105763296272034989838839795320660968169",
"130898485162419807463495087972094238877",
"159639124293868073661210403204473935677"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-b0e733df"
},
{
"signature_type": "Line",
"target": {
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"127033756800017366486149552373676821492",
"24640663471665121914412586227080050090",
"171075180454151949623263463426137581699",
"108366913328043758091429369333516486572",
"326007615764622194519398332563504095301",
"310007677610885067521273830021915029320",
"174314602845949684153200731991087059400"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-b76afa3a"
},
{
"signature_type": "Line",
"target": {
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"127033756800017366486149552373676821492",
"24640663471665121914412586227080050090",
"171075180454151949623263463426137581699",
"108366913328043758091429369333516486572",
"326007615764622194519398332563504095301",
"310007677610885067521273830021915029320",
"174314602845949684153200731991087059400"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-bdfc0260"
},
{
"signature_type": "Function",
"target": {
"function": "__sk_destruct",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286644204726089909913475599740903795708",
"length": 936.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-be82d86e"
},
{
"signature_type": "Line",
"target": {
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"150303591217143389441987243453514673828",
"116289726268908981338690563909959930218",
"171075180454151949623263463426137581699",
"108366913328043758091429369333516486572",
"326007615764622194519398332563504095301",
"276268727639746470196173409924111218700",
"33922112443102572656576513681254690554"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-bfc3bd2b"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/xprtsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"276624081406943755219655411064354947325",
"166318654010887172409039361907714386217",
"336522175593249010430878955251741300847",
"71690991337452981053210141184698921280",
"338081336241356531637481037319647291582",
"302860402094104156179953974168163282269",
"209280845965807585593291172744645941393",
"192439318792175391070037210111400364406",
"322836280684281852996865787831957369166"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-c28c7667"
},
{
"signature_type": "Function",
"target": {
"function": "rds_tcp_tune",
"file": "net/rds/tcp.c"
},
"deprecated": false,
"digest": {
"function_hash": "12471898206548186134819899401200269678",
"length": 716.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-c5903847"
},
{
"signature_type": "Line",
"target": {
"file": "include/net/sock.h"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"249231734056517454551617276240424683651",
"164081775513012287067200994340799324248",
"193608209743662360576315878512019987359",
"225517772562865775334177086914545674423"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-d1fad784"
},
{
"signature_type": "Line",
"target": {
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"307950930657288716725909654150840597519",
"136186424563951438989528421514442869757",
"51640694766348621686102104700545056467",
"32908006356526877743250698109337009304",
"205665512665232505152413767460040950131",
"192269166044464760472325615756760965929",
"12166910369276296911939358894367226412"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-d2398fb7"
},
{
"signature_type": "Function",
"target": {
"function": "sk_clone_lock",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "117130680780162225193399035711644006644",
"length": 2130.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-dd40fb02"
},
{
"signature_type": "Function",
"target": {
"function": "svc_create_socket",
"file": "net/sunrpc/svcsock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286677212632872951560197876357152942406",
"length": 1491.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-e26e132f"
},
{
"signature_type": "Function",
"target": {
"function": "netlink_release",
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"function_hash": "44112798673460245865280628723641645076",
"length": 1988.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-e5252240"
},
{
"signature_type": "Function",
"target": {
"function": "sk_alloc",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "268086479889213382134793301030235073148",
"length": 766.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-ecf201a0"
},
{
"signature_type": "Function",
"target": {
"function": "mptcp_subflow_create_socket",
"file": "net/mptcp/subflow.c"
},
"deprecated": false,
"digest": {
"function_hash": "20619638557637277381173663145472722551",
"length": 1240.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-f046f8b1"
},
{
"signature_type": "Function",
"target": {
"function": "__sk_destruct",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "286644204726089909913475599740903795708",
"length": 936.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c31a732fac46b00b95b78fcc9c37cb48dd6f2e0c",
"signature_version": "v1",
"id": "CVE-2025-21884-f8095824"
},
{
"signature_type": "Function",
"target": {
"function": "sk_alloc",
"file": "net/core/sock.c"
},
"deprecated": false,
"digest": {
"function_hash": "268086479889213382134793301030235073148",
"length": 766.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-f85d6de9"
},
{
"signature_type": "Line",
"target": {
"file": "net/smc/af_smc.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"236088172862425845712261038674672433961",
"93265690075294321697964030767868789191",
"24677585738707729308791528382912308217",
"31089885083331397419270816813772655471",
"295700965112063947198303950396974521296",
"231546431655631528530927814820232830757",
"5736941706149015180614400848916853300"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ceb0bd4ffd009821b585ce6a8033b12b59fb5fb",
"signature_version": "v1",
"id": "CVE-2025-21884-f88e8d9b"
},
{
"signature_type": "Function",
"target": {
"function": "netlink_release",
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"function_hash": "44112798673460245865280628723641645076",
"length": 1988.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2668e038800b946d269f96ec1b258c01930a242c",
"signature_version": "v1",
"id": "CVE-2025-21884-f9ec2be3"
},
{
"signature_type": "Line",
"target": {
"file": "net/netlink/af_netlink.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"141336215415985427734016960355479746479",
"284698883761470595656082495984271677578",
"108168907792882723527330016306636433050",
"158070046319867633673417613881372050119",
"95871390661071030785508175163908889282",
"230976925263260811306569555470003202071",
"105763296272034989838839795320660968169",
"130898485162419807463495087972094238877",
"159639124293868073661210403204473935677"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c70eb5c593d64d93b178905da215a9fd288a4b5",
"signature_version": "v1",
"id": "CVE-2025-21884-fd16d1af"
}
]