🟠 High | Source: Microsoft Security Response Center
CVE-2025-40170 is a Linux kernel vulnerability affecting the networking stack, specifically a race condition or improper reference in the sk_setup_caps() function where dst_dev_rcu() should be used to safely access network device references. This flaw is surfaced in the context of Azure’s Linux-based infrastructure and workloads. If exploited, it could lead to memory corruption or use-after-free conditions in the kernel’s networking path, potentially destabilising affected systems.
Security Architect’s Take: Review whether your Azure Linux VMs or AKS node pools are running kernel versions affected by this flaw and prioritise patching via Azure Update Manager or your OS vendor’s update channel. If running custom or self-managed Linux images, check your kernel version against the upstream fix and expedite rollout to production nodes.
Original advisory: CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()