VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-brjs-u5tm-x7e2

Essentials
Severities (13)
References (31)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-brjs-u5tm-x7e2
Aliases	CVE-2025-21759
Summary	kernel: ipv6: mcast: extend RCU protection in igmp6_send()
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-416

Use After Free

System	Score	Found at
cvssv3	6.6	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21759.json
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2025-21759
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2025-21759
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2025-21759
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.8	https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946
ssvc	Track	https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946
cvssv3.1	7.8	https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381
ssvc	Track	https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381
cvssv3.1	7.8	https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a
ssvc	Track	https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a
cvssv3.1	7.8	https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458
ssvc	Track	https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21759.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-21759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21759
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
087c1faa594fa07a66933d750c0b2610aa1a2946		https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946
0bf8e2f3768629d437a32cb824149e6e98254381		https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381
2348596		https://bugzilla.redhat.com/show_bug.cgi?id=2348596
81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a		https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a
8e92d6a413feaf968a33f0b439ecf27404407458		https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458
RHSA-2025:10371		https://access.redhat.com/errata/RHSA-2025:10371
RHSA-2025:10379		https://access.redhat.com/errata/RHSA-2025:10379
RHSA-2025:10829		https://access.redhat.com/errata/RHSA-2025:10829
RHSA-2025:10830		https://access.redhat.com/errata/RHSA-2025:10830
RHSA-2025:11245		https://access.redhat.com/errata/RHSA-2025:11245
RHSA-2025:12209		https://access.redhat.com/errata/RHSA-2025:12209
RHSA-2025:12311		https://access.redhat.com/errata/RHSA-2025:12311
RHSA-2025:13589		https://access.redhat.com/errata/RHSA-2025:13589
RHSA-2025:13590		https://access.redhat.com/errata/RHSA-2025:13590
RHSA-2025:14985		https://access.redhat.com/errata/RHSA-2025:14985
RHSA-2025:15656		https://access.redhat.com/errata/RHSA-2025:15656
RHSA-2025:15660		https://access.redhat.com/errata/RHSA-2025:15660
RHSA-2025:17124		https://access.redhat.com/errata/RHSA-2025:17124
USN-7521-1		https://usn.ubuntu.com/7521-1/
USN-7521-2		https://usn.ubuntu.com/7521-2/
USN-7521-3		https://usn.ubuntu.com/7521-3/
USN-7703-1		https://usn.ubuntu.com/7703-1/
USN-7703-2		https://usn.ubuntu.com/7703-2/
USN-7703-3		https://usn.ubuntu.com/7703-3/
USN-7703-4		https://usn.ubuntu.com/7703-4/
USN-7719-1		https://usn.ubuntu.com/7719-1/
USN-7737-1		https://usn.ubuntu.com/7737-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21759.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T17:57:46Z/ Found at https://git.kernel.org/stable/c/087c1faa594fa07a66933d750c0b2610aa1a2946

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T17:57:46Z/ Found at https://git.kernel.org/stable/c/0bf8e2f3768629d437a32cb824149e6e98254381

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T17:57:46Z/ Found at https://git.kernel.org/stable/c/81b25a07ebf53f9ef4ca8f3d96a8ddb94561dd5a

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T17:57:46Z/ Found at https://git.kernel.org/stable/c/8e92d6a413feaf968a33f0b439ecf27404407458

Exploit Prediction Scoring System (EPSS)

Percentile	0.51591
EPSS Score	0.00279
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:48:05.722249+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21759.json	38.6.0