From: Gyokhan Kochmarla gyokhan@amazon.com
This patch series backports two commits from mainline to fix CVE-2025-40075, a data race vulnerability in dst->dev access.
The first patch introduces dst->dev_rcu and dst_dev_net_rcu() helper to provide proper RCU protection with lockdep support. The second patch uses the new helper in tcp_metrics to eliminate unsafe dst_dev() calls.
These are clean cherry-picks from mainline commits: - caedcc5b6df1 ("net: dst: introduce dst->dev_rcu") - 50c127a69cd6 ("tcp_metrics: use dst_dev_net_rcu()")
Eric Dumazet (2): net: dst: introduce dst->dev_rcu tcp_metrics: use dst_dev_net_rcu()
include/net/dst.h | 16 +++++++++++----- net/core/dst.c | 2 +- net/ipv4/route.c | 4 ++-- net/ipv4/tcp_metrics.c | 6 +++--- 4 files changed, 17 insertions(+), 11 deletions(-)