{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-71304","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-08T13:14:33.087Z","datePublished":"2026-05-27T12:14:53.289Z","dateUpdated":"2026-05-27T12:14:53.289Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-27T12:14:53.289Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmack: /smack/doi: accept previously used values\n\nWriting to /smack/doi a value that has ever been\nwritten there in the past disables networking for\nnon-ambient labels.\nE.g.\n\n    # cat /smack/doi\n    3\n    # netlabelctl -p cipso list\n    Configured CIPSO mappings (1)\n     DOI value : 3\n       mapping type : PASS_THROUGH\n    # netlabelctl -p map list\n    Configured NetLabel domain mappings (3)\n     domain: \"_\" (IPv4)\n       protocol: UNLABELED\n     domain: DEFAULT (IPv4)\n       protocol: CIPSO, DOI = 3\n     domain: DEFAULT (IPv6)\n       protocol: UNLABELED\n\n    # cat /smack/ambient\n    _\n    # cat /proc/$$/attr/smack/current\n    _\n    # ping -c1 10.1.95.12\n    64 bytes from 10.1.95.12: icmp_seq=1 ttl=64 time=0.964 ms\n    # echo foo >/proc/$$/attr/smack/current\n    # ping -c1 10.1.95.12\n    64 bytes from 10.1.95.12: icmp_seq=1 ttl=64 time=0.956 ms\n    unknown option 86\n\n    # echo 4 >/smack/doi\n    # echo 3 >/smack/doi\n!>  [  214.050395] smk_cipso_doi:691 cipso add rc = -17\n    # echo 3 >/smack/doi\n!>  [  249.402261] smk_cipso_doi:678 remove rc = -2\n!>  [  249.402261] smk_cipso_doi:691 cipso add rc = -17\n\n    # ping -c1 10.1.95.12\n!!> ping: 10.1.95.12: Address family for hostname not supported\n\n    # echo _ >/proc/$$/attr/smack/current\n    # ping -c1 10.1.95.12\n    64 bytes from 10.1.95.12: icmp_seq=1 ttl=64 time=0.617 ms\n\nThis happens because Smack keeps decommissioned DOIs,\nfails to re-add them, and consequently refuses to add\nthe “default” domain map:\n\n    # netlabelctl -p cipso list\n    Configured CIPSO mappings (2)\n     DOI value : 3\n       mapping type : PASS_THROUGH\n     DOI value : 4\n       mapping type : PASS_THROUGH\n    # netlabelctl -p map list\n    Configured NetLabel domain mappings (2)\n     domain: \"_\" (IPv4)\n       protocol: UNLABELED\n!>  (no ipv4 map for default domain here)\n     domain: DEFAULT (IPv6)\n       protocol: UNLABELED\n\nFix by clearing decommissioned DOI definitions and\nserializing concurrent DOI updates with a new lock.\n\nAlso:\n- allow /smack/doi to live unconfigured, since\n  adding a map (netlbl_cfg_cipsov4_map_add) may fail.\n  CIPSO_V4_DOI_UNKNOWN(0) indicates the unconfigured DOI\n- add new DOI before removing the old default map,\n  so the old map remains if the add fails\n\n(2008-02-04, Casey Schaufler)"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["security/smack/smackfs.c"],"versions":[{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"eb718a3c8181ada679340db34cd61bce48e44749","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"6ec091c5c7eeabd249a7c46813cad1e9f555f859","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"199452f22d2f74b897fe826f81ec402b0a8461a0","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"1c7ee23dfcd18d80770d8f90f2ab5bb1b2bfd8a3","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"f8071500177f38cff38892bd85ac631cc6e010b2","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"5a247a84de0ba44edbbd6be851c8a6b2aa60ff85","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"8beebb8ad9a003f978e53b06237986588223e15e","status":"affected","versionType":"git"},{"version":"e114e473771c848c3cfec05f0123e70f1cdbdc99","lessThan":"33d589ed60ae433b483761987b85e0d24e54584e","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["security/smack/smackfs.c"],"versions":[{"version":"2.6.25","status":"affected"},{"version":"0","lessThan":"2.6.25","status":"unaffected","versionType":"semver"},{"version":"5.10.252","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.202","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.165","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.128","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"5.10.252"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"5.15.202"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"6.1.165"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"6.6.128"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"6.12.75"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"6.18.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"6.19.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/eb718a3c8181ada679340db34cd61bce48e44749"},{"url":"https://git.kernel.org/stable/c/6ec091c5c7eeabd249a7c46813cad1e9f555f859"},{"url":"https://git.kernel.org/stable/c/199452f22d2f74b897fe826f81ec402b0a8461a0"},{"url":"https://git.kernel.org/stable/c/1c7ee23dfcd18d80770d8f90f2ab5bb1b2bfd8a3"},{"url":"https://git.kernel.org/stable/c/f8071500177f38cff38892bd85ac631cc6e010b2"},{"url":"https://git.kernel.org/stable/c/5a247a84de0ba44edbbd6be851c8a6b2aa60ff85"},{"url":"https://git.kernel.org/stable/c/8beebb8ad9a003f978e53b06237986588223e15e"},{"url":"https://git.kernel.org/stable/c/33d589ed60ae433b483761987b85e0d24e54584e"}],"title":"smack: /smack/doi: accept previously used values","x_generator":{"engine":"bippy-1.2.0"}}}}