CVE-2025-21762: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-21762 is a use-after-free (UAF) vulnerability discovered in the Linux kernel's ARP implementation. The vulnerability was identified in February 2025 and affects the arp_xmit() function, which can be called without proper RTNL or RCU protection. This vulnerability impacts various Linux kernel versions and distributions (NVD).

The vulnerability exists in the arp_xmit() function within the Linux kernel's ARP implementation. The issue arises because the function can be called without proper Read-Copy-Update (RCU) protection, potentially leading to a use-after-free condition. The CVSS v3.1 base score for this vulnerability is 7.8 (HIGH), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could potentially lead to use-after-free conditions in the kernel's networking stack, which could result in system crashes, information disclosure, or potential privilege escalation. The high CVSS score indicates significant potential impact on system confidentiality, integrity, and availability (NVD).

The vulnerability has been patched in the Linux kernel by adding proper RCU protection to the arp_xmit() function. The fix involves adding rcu_read_lock() and rcu_read_unlock() calls around the critical section, and using dev_net_rcu() instead of dev_net() (Kernel Git).