GHSA-j4rg-4m7w-4hr3 · Severity: unknown — In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout...
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect() if already established During connect(), acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect() invoking vsock_transport_cancel_pkt() -> virtio_transport_purge_skbs() may race with sendmsg() invoking virtio_transport_get_credit(). This results in a permanently elevated `vvs->bytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling. 2. connect() resetting a connected socket's state may race with socket being placed in a sockmap. A disconnected socket remaining in a sockmap breaks sockmap's assumptions. And gives rise to WARNs. 3. connect() transitioning SS_CONNECTED -> SS_UNCONNECTED allows for a transport change/drop after TCP_ESTABLISHED. Which poses a problem for any simultaneous sendmsg() or connect() and may result in a use-after-free/null-ptr-deref. Do not disconnect socket on signal/timeout. Keep the logic for unconnected sockets: they don't linger, can't be placed in a sockmap, are rejected by sendmsg(). [1]: https://lore.kernel.org/netdev/[email protected]/ [2]: https://lore.kernel.org/netdev/[email protected]/ [3]: https://lore.kernel.org/netdev/[email protected]/
Conclusion & alert: CVE-2025-40248 is rated Low Risk (17.8/100): low exploitation likelihood (EPSS 0.06%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-05-14 | 0.04% | 0.06% | +0.01% |
| 2 | 2026-05-02 | 0.06% | 0.04% | -0.02% |
| 3 | 2026-01-18 | — | 0.06% | — |
Full EPSS history (4 records total)
CVSS metrics for this CVE.
No CVSS data in dataset for this CVE.
GHSA-j4rg-4m7w-4hr3 · Severity: unknown — In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2025-40248 not yet assigned priority: Debian including 2 source packages (linux, linux-6.1), 6 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 6. | https://security-tracker.debian.org/tracker/CVE-2025-40248 |
redhat
|
high | — | https://access.redhat.com/security/cve/CVE-2025-40248 |
suse
|
medium | CVE-2025-40248 severity moderate: SUSE including 482 source package names (13.2-9.1:libsystemd0-254.23-1.1, 13.2-9.1:libudev1-254.23-1.1, …), 835 product×package rows across 124 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Container suse/sl-micro/6.0/base-os-container, … (124 product lines)): Fixed 573, Known Affected 231, First Fixed 25, Known Not Affected 6. | https://www.suse.com/security/cve/CVE-2025-40248/ |
ubuntu
|
medium | CVE-2025-40248 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1405 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1010, ignored 182, released 160, needed 49, pending 3, not-affected 1. | https://ubuntu.com/security/CVE-2025-40248 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| No affected products in dataset. | |||