CVE-2025-68200
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpf_prog_run_data_pointers() syzbot found that cls_bpf_classify() is able to change tc_skb_cb(skb)->drop_reason triggering a warning in sk_skb_reason_drop(). WARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 __sk_skb_reason_drop net/core/skbuff.c:1189 [inline] WARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 sk_skb_reason_drop+0x76/0x170 net/core/skbuff.c:1214 struct tc_skb_cb has been added in commit ec624fe740b4 ("net/sched: Extend qdisc control block with tc control block"), which added a wrong interaction with db58ba459202 ("bpf: wire in data and data_end for cls_act_bpf"). drop_reason was added later. Add bpf_prog_run_data_pointers() helper to save/restore the net_sched storage colliding with BPF data_meta/data_end.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-05-07
AI Q&A
2025-12-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-68200
EUVD
EUVD-2025-203696
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's BPF (Berkeley Packet Filter) subsystem, where the function cls_bpf_classify() can improperly change the drop_reason field in the tc_skb_cb structure. This triggers warnings in the sk_skb_reason_drop() function, indicating a problematic interaction between recently added kernel components related to traffic control and BPF data handling. The issue was caused by conflicting changes in the kernel's network scheduling and BPF code, and was resolved by adding a helper function bpf_prog_run_data_pointers() to properly manage net_sched storage and BPF data pointers.


How can this vulnerability impact me? :

The vulnerability can cause incorrect handling of packet drop reasons within the Linux kernel's networking stack, potentially leading to warnings or instability in network packet processing. This could affect network performance or reliability on systems using the affected kernel versions, especially those relying on BPF for traffic control and classification.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart