CVE-2025-68302
BaseFortify
Publication date: 2025-12-16
Last updated on: 2025-12-18
Assigner: kernel.org
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Update to a Linux kernel version that includes the fix for the sxgbe driver, or apply the patch, to prevent the NULL dereference. In the fixed kernel, a 'break' statement is added after the error message so that a null skb is not dereferenced.
Can you explain this vulnerability to me?
This vulnerability is a potential NULL pointer dereference in the Linux kernel's sxgbe network driver. When the skb (socket buffer) is null, the driver prints an error but then proceeds to dereference the null skb, which can cause a crash or undefined behavior. The fix involves adding a break statement after the error message to avoid dereferencing the null pointer and instead switch to a safe refill function.
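A simplified user-space model of the flaw and the fix described above, added here as an illustration; it is not the sxgbe driver's code, and `struct buf`, `struct ring`, `ring_rx`, `ring_refill` and the ring layout are assumptions made for the example. The unfixed path counts the point where a NULL buffer would be used instead of crashing.

```c
#include <stdio.h>
#include <stdlib.h>
#define RING 4
struct buf { int len; }; /* constructed stand-in, not the kernel's struct sk_buff */
struct ring {
    struct buf *slot[RING]; /* NULL marks a slot with no buffer attached */
    int null_uses;          /* times a NULL slot reached the "use" step */
};

/* Hypothetical refill step: attach a buffer to every empty slot. */
static void ring_refill(struct ring *r)
{
    for (int i = 0; i < RING; i++)
        if (!r->slot[i] && (r->slot[i] = malloc(sizeof(struct buf))))
            r->slot[i]->len = 0;
}

/* Model receive loop; returns the number of buffers delivered.
 * stop_on_null=0 models the flaw (log, fall through); 1 models the fix (log, break). */
static int ring_rx(struct ring *r, int limit, int stop_on_null)
{
    int done = 0;
    for (int i = 0; i < RING && done < limit; i++) {
        struct buf *b = r->slot[i];
        if (!b) {
            fprintf(stderr, "rx slot %d has no buffer\n", i);
            if (stop_on_null)
                break;      /* fixed path: leave the loop, refill below */
            r->null_uses++; /* a driver would dereference NULL here */
            continue;       /* the model skips instead of crashing */
        }
        b->len = 64;        /* use the buffer */
        free(b);            /* stands in for delivery to the network stack */
        r->slot[i] = NULL;
        done++;
    }
    ring_refill(r);         /* repairs any empty slot, including the NULL one */
    return done;
}

int main(void)
{
    struct ring r = { { NULL }, 0 };
    ring_refill(&r);
    free(r.slot[1]);
    r.slot[1] = NULL; /* constructed input: slot 1 lost its buffer */
    printf("fixed path delivered %d buffer(s)\n", ring_rx(&r, RING, 1));
    return 0;
}
```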
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to crash or behave unpredictably due to a NULL pointer dereference in the network driver. This may lead to denial of service or system instability when the affected driver encounters a null skb.