Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-68232 (GCVE-0-2025-68232)
Vulnerability from cvelistv5 – Published: 2025-12-16 14:04 – Updated: 2025-12-16 14:04
VLAI?
EPSS
Title
veth: more robust handing of race to avoid txq getting stuck
Summary
In the Linux kernel, the following vulnerability has been resolved:
veth: more robust handing of race to avoid txq getting stuck
Commit dc82a33297fc ("veth: apply qdisc backpressure on full ptr_ring to
reduce TX drops") introduced a race condition that can lead to a permanently
stalled TXQ. This was observed in production on ARM64 systems (Ampere Altra
Max).
The race occurs in veth_xmit(). The producer observes a full ptr_ring and
stops the queue (netif_tx_stop_queue()). The subsequent conditional logic,
intended to re-wake the queue if the consumer had just emptied it (if
(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a
"lost wakeup" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and
traffic halts.
This failure is caused by an incorrect use of the __ptr_ring_empty() API
from the producer side. As noted in kernel comments, this check is not
guaranteed to be correct if a consumer is operating on another CPU. The
empty test is based on ptr_ring->consumer_head, making it reliable only for
the consumer. Using this check from the producer side is fundamentally racy.
This patch fixes the race by adopting the more robust logic from an earlier
version V4 of the patchset, which always flushed the peer:
(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier
are removed. Instead, after stopping the queue, we unconditionally call
__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,
making it solely responsible for re-waking the TXQ.
This handles the race where veth_poll() consumes all packets and completes
NAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.
The __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule
NAPI.
(2) On the consumer side, the logic for waking the peer TXQ is moved out of
veth_xdp_rcv() and placed at the end of the veth_poll() function. This
placement is part of fixing the race, as the netif_tx_queue_stopped() check
must occur after rx_notify_masked is potentially set to false during NAPI
completion.
This handles the race where veth_poll() consumes all packets, but haven't
finished (rx_notify_masked is still true). The producer veth_xmit() stops the
TXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning
not starting NAPI. Then veth_poll() change rx_notify_masked to false and
stops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake
it up.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
9fe31b3f314534e238aa6d0b6fb492134cbcf8be , < dd419a3f2ebc18cc00bc32c57fd052d7a188b78b
(git)
Affected: dc82a33297fc2c58cb0b2b008d728668d45c0f6a , < 6c8a8b9257a660e622689e23c8fbad4ba2b561b9 (git) Affected: dc82a33297fc2c58cb0b2b008d728668d45c0f6a , < 5442a9da69789741bfda39f34ee7f69552bf0c56 (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/veth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "dd419a3f2ebc18cc00bc32c57fd052d7a188b78b",
"status": "affected",
"version": "9fe31b3f314534e238aa6d0b6fb492134cbcf8be",
"versionType": "git"
},
{
"lessThan": "6c8a8b9257a660e622689e23c8fbad4ba2b561b9",
"status": "affected",
"version": "dc82a33297fc2c58cb0b2b008d728668d45c0f6a",
"versionType": "git"
},
{
"lessThan": "5442a9da69789741bfda39f34ee7f69552bf0c56",
"status": "affected",
"version": "dc82a33297fc2c58cb0b2b008d728668d45c0f6a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/veth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.16"
},
{
"lessThan": "6.16",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.17.*",
"status": "unaffected",
"version": "6.17.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.18",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17.10",
"versionStartIncluding": "6.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18",
"versionStartIncluding": "6.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nveth: more robust handing of race to avoid txq getting stuck\n\nCommit dc82a33297fc (\"veth: apply qdisc backpressure on full ptr_ring to\nreduce TX drops\") introduced a race condition that can lead to a permanently\nstalled TXQ. This was observed in production on ARM64 systems (Ampere Altra\nMax).\n\nThe race occurs in veth_xmit(). The producer observes a full ptr_ring and\nstops the queue (netif_tx_stop_queue()). The subsequent conditional logic,\nintended to re-wake the queue if the consumer had just emptied it (if\n(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a\n\"lost wakeup\" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and\ntraffic halts.\n\nThis failure is caused by an incorrect use of the __ptr_ring_empty() API\nfrom the producer side. As noted in kernel comments, this check is not\nguaranteed to be correct if a consumer is operating on another CPU. The\nempty test is based on ptr_ring-\u003econsumer_head, making it reliable only for\nthe consumer. Using this check from the producer side is fundamentally racy.\n\nThis patch fixes the race by adopting the more robust logic from an earlier\nversion V4 of the patchset, which always flushed the peer:\n\n(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier\nare removed. Instead, after stopping the queue, we unconditionally call\n__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,\nmaking it solely responsible for re-waking the TXQ.\n This handles the race where veth_poll() consumes all packets and completes\nNAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.\nThe __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule\nNAPI.\n\n(2) On the consumer side, the logic for waking the peer TXQ is moved out of\nveth_xdp_rcv() and placed at the end of the veth_poll() function. This\nplacement is part of fixing the race, as the netif_tx_queue_stopped() check\nmust occur after rx_notify_masked is potentially set to false during NAPI\ncompletion.\n This handles the race where veth_poll() consumes all packets, but haven\u0027t\nfinished (rx_notify_masked is still true). The producer veth_xmit() stops the\nTXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning\nnot starting NAPI. Then veth_poll() change rx_notify_masked to false and\nstops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake\nit up."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T14:04:12.624Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/dd419a3f2ebc18cc00bc32c57fd052d7a188b78b"
},
{
"url": "https://git.kernel.org/stable/c/6c8a8b9257a660e622689e23c8fbad4ba2b561b9"
},
{
"url": "https://git.kernel.org/stable/c/5442a9da69789741bfda39f34ee7f69552bf0c56"
}
],
"title": "veth: more robust handing of race to avoid txq getting stuck",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-68232",
"datePublished": "2025-12-16T14:04:12.624Z",
"dateReserved": "2025-12-16T13:41:40.258Z",
"dateUpdated": "2025-12-16T14:04:12.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-68232\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-16T14:15:57.633\",\"lastModified\":\"2025-12-18T15:08:06.237\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nveth: more robust handing of race to avoid txq getting stuck\\n\\nCommit dc82a33297fc (\\\"veth: apply qdisc backpressure on full ptr_ring to\\nreduce TX drops\\\") introduced a race condition that can lead to a permanently\\nstalled TXQ. This was observed in production on ARM64 systems (Ampere Altra\\nMax).\\n\\nThe race occurs in veth_xmit(). The producer observes a full ptr_ring and\\nstops the queue (netif_tx_stop_queue()). The subsequent conditional logic,\\nintended to re-wake the queue if the consumer had just emptied it (if\\n(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a\\n\\\"lost wakeup\\\" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and\\ntraffic halts.\\n\\nThis failure is caused by an incorrect use of the __ptr_ring_empty() API\\nfrom the producer side. As noted in kernel comments, this check is not\\nguaranteed to be correct if a consumer is operating on another CPU. The\\nempty test is based on ptr_ring-\u003econsumer_head, making it reliable only for\\nthe consumer. Using this check from the producer side is fundamentally racy.\\n\\nThis patch fixes the race by adopting the more robust logic from an earlier\\nversion V4 of the patchset, which always flushed the peer:\\n\\n(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier\\nare removed. Instead, after stopping the queue, we unconditionally call\\n__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,\\nmaking it solely responsible for re-waking the TXQ.\\n This handles the race where veth_poll() consumes all packets and completes\\nNAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.\\nThe __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule\\nNAPI.\\n\\n(2) On the consumer side, the logic for waking the peer TXQ is moved out of\\nveth_xdp_rcv() and placed at the end of the veth_poll() function. This\\nplacement is part of fixing the race, as the netif_tx_queue_stopped() check\\nmust occur after rx_notify_masked is potentially set to false during NAPI\\ncompletion.\\n This handles the race where veth_poll() consumes all packets, but haven\u0027t\\nfinished (rx_notify_masked is still true). The producer veth_xmit() stops the\\nTXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning\\nnot starting NAPI. Then veth_poll() change rx_notify_masked to false and\\nstops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake\\nit up.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/5442a9da69789741bfda39f34ee7f69552bf0c56\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6c8a8b9257a660e622689e23c8fbad4ba2b561b9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/dd419a3f2ebc18cc00bc32c57fd052d7a188b78b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
FKIE_CVE-2025-68232
Vulnerability from fkie_nvd - Published: 2025-12-16 14:15 - Updated: 2025-12-18 15:08
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
veth: more robust handing of race to avoid txq getting stuck
Commit dc82a33297fc ("veth: apply qdisc backpressure on full ptr_ring to
reduce TX drops") introduced a race condition that can lead to a permanently
stalled TXQ. This was observed in production on ARM64 systems (Ampere Altra
Max).
The race occurs in veth_xmit(). The producer observes a full ptr_ring and
stops the queue (netif_tx_stop_queue()). The subsequent conditional logic,
intended to re-wake the queue if the consumer had just emptied it (if
(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a
"lost wakeup" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and
traffic halts.
This failure is caused by an incorrect use of the __ptr_ring_empty() API
from the producer side. As noted in kernel comments, this check is not
guaranteed to be correct if a consumer is operating on another CPU. The
empty test is based on ptr_ring->consumer_head, making it reliable only for
the consumer. Using this check from the producer side is fundamentally racy.
This patch fixes the race by adopting the more robust logic from an earlier
version V4 of the patchset, which always flushed the peer:
(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier
are removed. Instead, after stopping the queue, we unconditionally call
__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,
making it solely responsible for re-waking the TXQ.
This handles the race where veth_poll() consumes all packets and completes
NAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.
The __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule
NAPI.
(2) On the consumer side, the logic for waking the peer TXQ is moved out of
veth_xdp_rcv() and placed at the end of the veth_poll() function. This
placement is part of fixing the race, as the netif_tx_queue_stopped() check
must occur after rx_notify_masked is potentially set to false during NAPI
completion.
This handles the race where veth_poll() consumes all packets, but haven't
finished (rx_notify_masked is still true). The producer veth_xmit() stops the
TXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning
not starting NAPI. Then veth_poll() change rx_notify_masked to false and
stops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake
it up.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nveth: more robust handing of race to avoid txq getting stuck\n\nCommit dc82a33297fc (\"veth: apply qdisc backpressure on full ptr_ring to\nreduce TX drops\") introduced a race condition that can lead to a permanently\nstalled TXQ. This was observed in production on ARM64 systems (Ampere Altra\nMax).\n\nThe race occurs in veth_xmit(). The producer observes a full ptr_ring and\nstops the queue (netif_tx_stop_queue()). The subsequent conditional logic,\nintended to re-wake the queue if the consumer had just emptied it (if\n(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a\n\"lost wakeup\" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and\ntraffic halts.\n\nThis failure is caused by an incorrect use of the __ptr_ring_empty() API\nfrom the producer side. As noted in kernel comments, this check is not\nguaranteed to be correct if a consumer is operating on another CPU. The\nempty test is based on ptr_ring-\u003econsumer_head, making it reliable only for\nthe consumer. Using this check from the producer side is fundamentally racy.\n\nThis patch fixes the race by adopting the more robust logic from an earlier\nversion V4 of the patchset, which always flushed the peer:\n\n(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier\nare removed. Instead, after stopping the queue, we unconditionally call\n__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,\nmaking it solely responsible for re-waking the TXQ.\n This handles the race where veth_poll() consumes all packets and completes\nNAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.\nThe __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule\nNAPI.\n\n(2) On the consumer side, the logic for waking the peer TXQ is moved out of\nveth_xdp_rcv() and placed at the end of the veth_poll() function. This\nplacement is part of fixing the race, as the netif_tx_queue_stopped() check\nmust occur after rx_notify_masked is potentially set to false during NAPI\ncompletion.\n This handles the race where veth_poll() consumes all packets, but haven\u0027t\nfinished (rx_notify_masked is still true). The producer veth_xmit() stops the\nTXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning\nnot starting NAPI. Then veth_poll() change rx_notify_masked to false and\nstops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake\nit up."
}
],
"id": "CVE-2025-68232",
"lastModified": "2025-12-18T15:08:06.237",
"metrics": {},
"published": "2025-12-16T14:15:57.633",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/5442a9da69789741bfda39f34ee7f69552bf0c56"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/6c8a8b9257a660e622689e23c8fbad4ba2b561b9"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/dd419a3f2ebc18cc00bc32c57fd052d7a188b78b"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
WID-SEC-W-2025-2868
Vulnerability from csaf_certbund - Published: 2025-12-16 23:00 - Updated: 2026-02-04 23:00Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2868 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2868.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2868 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2868"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40346",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-40346-623f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40347",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-40347-275c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40348",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40348-4387@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40349",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40349-82c6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40350",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40350-577e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40351",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40351-55f8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40352",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40352-3fa5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40353",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40353-fb93@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40354",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40354-b9bd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40355",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40355-7b3b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40356",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40356-27b8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40357",
"url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-40357-67de@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40358",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-40358-9963@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40359",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40359-143c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40360",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40360-28d0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40361",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40361-50ca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40362",
"url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-40362-c4d6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40363",
"url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-40363-bbdd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68167",
"url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68167-a6eb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68168",
"url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68168-7341@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68169",
"url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68169-1e23@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68170",
"url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68170-6a22@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68171",
"url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68171-d43d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68172",
"url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68172-3d84@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68173",
"url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68173-788c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68174",
"url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68174-84da@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68175",
"url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68175-d545@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68176",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68176-4be5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68177",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68177-5af8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68178",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68178-6a73@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68179",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68179-6ce9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68180",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68180-385e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68181",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68181-57dd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68182",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68182-87b4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68183",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68183-f588@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68184",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68184-602a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68185",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68185-6db0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68186",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68186-8a42@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68187",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68187-630c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68188",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68188-5392@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68189",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68189-c9b6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68190",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68190-e648@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68191",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68191-ec54@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68192",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68192-4491@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68193",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68193-2474@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68194",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68194-2b2f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68195",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68195-98fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68196",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68196-5e6e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68197",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68197-5624@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68198",
"url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68198-2638@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68199",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68199-c244@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68200",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68200-3bbb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68201",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68201-d175@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68202",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68202-f008@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68203",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68203-7510@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68204",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68204-8659@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68205",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68205-6672@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68206",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68206-47ba@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68207",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68207-c0f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68208",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68208-d2fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68209",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68209-2e49@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68210",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68210-c4b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68211",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68211-180a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68212",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68212-eab7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68213",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68213-2d63@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68214",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68214-1871@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68215",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68215-ee77@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68216",
"url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68216-405a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68217",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68217-896e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68218",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68218-4aee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68219",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68219-f9c4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68220",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68220-9526@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68221",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68221-7f16@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68222",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68222-1d22@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68223",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68223-4e44@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68224",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68224-37da@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68225",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68225-bfd3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68226",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68226-6559@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68227",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68227-930f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68228",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68228-43e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68229",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68229-8958@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68230",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68230-a9be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68231",
"url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68231-74ba@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68232",
"url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68232-3ea7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68233",
"url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68233-1595@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68234",
"url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68234-5ab4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68235",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68235-2837@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68236",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68236-d2fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68237",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68237-7f03@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68238",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68238-fd37@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68239",
"url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68239-f7a4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68240",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68240-03ff@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68241",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68241-854d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68242",
"url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68242-45e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68243",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68243-cdd0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68244",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68244-9dbc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68245",
"url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68245-4e60@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68246",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68246-7c3d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68247",
"url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68247-9661@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68248",
"url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68248-2695@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68249",
"url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68249-f6bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68250",
"url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68250-9b9c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68251",
"url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68251-782f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68252",
"url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68252-5763@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68253",
"url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68253-7e3c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68254",
"url": "https://lore.kernel.org/linux-cve-announce/2025121610-CVE-2025-68254-b745@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68255",
"url": "https://lore.kernel.org/linux-cve-announce/2025121612-CVE-2025-68255-3994@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68256",
"url": "https://lore.kernel.org/linux-cve-announce/2025121612-CVE-2025-68256-5ed2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68257",
"url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68257-3579@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68258",
"url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68258-9a76@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68259",
"url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68259-16e3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68260",
"url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68260-558d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68261",
"url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68261-4e23@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68262",
"url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68262-8492@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68263",
"url": "https://lore.kernel.org/linux-cve-announce/2025121615-CVE-2025-68263-9c03@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68264",
"url": "https://lore.kernel.org/linux-cve-announce/2025121615-CVE-2025-68264-6768@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68265",
"url": "https://lore.kernel.org/linux-cve-announce/2025121609-CVE-2025-68265-4800@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68266",
"url": "https://lore.kernel.org/linux-cve-announce/2025121609-CVE-2025-68266-d334@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68281",
"url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68281-4fa1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68282",
"url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68282-641e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68283",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68283-77dd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68284",
"url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68284-132f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68285",
"url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68285-8339@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68286",
"url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68286-cda3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68287",
"url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68287-5647@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68288",
"url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68288-c606@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68289",
"url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68289-1efe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68290",
"url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68290-e13c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68291",
"url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68291-4649@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68292",
"url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68292-434b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68293",
"url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68293-ea76@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68294",
"url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68294-fcd2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68295",
"url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68295-89cb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68296",
"url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68296-c946@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68297",
"url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68297-1f6e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68298",
"url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68298-40ed@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68299",
"url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68299-411f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68300",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68300-ec22@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68301",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68302",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68302-913d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68303",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68303-2c61@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68304",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68304-9ae7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68305",
"url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68305-e40b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68306",
"url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68306-e034@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68307",
"url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68307-5e9b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68308",
"url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68308-5dc4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68309",
"url": "https://lore.kernel.org/linux-cve-announce/2025121651-CVE-2025-68309-1029@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68310",
"url": "https://lore.kernel.org/linux-cve-announce/2025121653-CVE-2025-68310-e0fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68311",
"url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68311-c43d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68312",
"url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68312-63bb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68313",
"url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68313-c65d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68314",
"url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68314-847b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68315",
"url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68315-158d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68316",
"url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68316-fe36@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68317",
"url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68317-28c8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68318",
"url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68318-5c94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68319",
"url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68319-6b7f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68320",
"url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68320-4e08@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68321",
"url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68321-72b0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-68322",
"url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68322-b034@gregkh/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15836-1 vom 2025-12-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/53M4O7COKUKFXHXPCFMZDFAEZFGUL66A/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0443 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0443"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0453 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0453"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0444 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0444"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0457 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0457"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0453 vom 2026-01-13",
"url": "https://linux.oracle.com/errata/ELSA-2026-0453.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0489 vom 2026-01-13",
"url": "https://access.redhat.com/errata/RHSA-2026:0489"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0532 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0532"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0533 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0534 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0534"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0535 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0535"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0536 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0536"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0537 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0537"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0444 vom 2026-01-13",
"url": "https://linux.oracle.com/errata/ELSA-2026-0444.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0576 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0576"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0643 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0643"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50006 vom 2026-01-15",
"url": "http://linux.oracle.com/errata/ELSA-2026-50006.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4436 vom 2026-01-14",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00007.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0759 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0759"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0747 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0747"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0754 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0754"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0755 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0755"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0760 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0760"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0443 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0443"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0444 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0444"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0453 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0453"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0793 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0793"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0786 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0786"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0804 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0804"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0786 vom 2026-01-20",
"url": "https://linux.oracle.com/errata/ELSA-2026-0786.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0793 vom 2026-01-21",
"url": "https://linux.oracle.com/errata/ELSA-2026-0793.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0950 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0950"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0759 vom 2026-01-21",
"url": "https://linux.oracle.com/errata/ELSA-2026-0759.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0786 vom 2026-01-24",
"url": "https://errata.build.resf.org/RLSA-2026:0786"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0793 vom 2026-01-24",
"url": "https://errata.build.resf.org/RLSA-2026:0793"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0263-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023899.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0278-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023906.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0759 vom 2026-01-24",
"url": "https://errata.build.resf.org/RLSA-2026:0759"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1143 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:1143"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0760 vom 2026-01-24",
"url": "https://errata.build.resf.org/RLSA-2026:0760"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0281-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023914.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0293-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023915.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1143 vom 2026-01-27",
"url": "https://linux.oracle.com/errata/ELSA-2026-1143.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0315-1 vom 2026-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023971.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0316-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023970.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0317-1 vom 2026-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023979.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1703 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1703"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1727 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1727"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1690 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1690"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1690 vom 2026-02-03",
"url": "http://linux.oracle.com/errata/ELSA-2026-1690.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20145-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FIKVKDA42VXBWDNHA6WP345IDVA2E3XU/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1820 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1820"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1886 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1886"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20207-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024052.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1879 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1879"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1909 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1909"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1946 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1946"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:1143 vom 2026-02-05",
"url": "https://errata.build.resf.org/RLSA-2026:1143"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:39:46.237+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2868",
"initial_release_date": "2025-12-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat, Oracle Linux und Debian aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, SUSE und Red Hat aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux, openSUSE und Red Hat aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE, Red Hat und Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T049490",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000204",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2025-40346",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40346"
},
{
"cve": "CVE-2025-40347",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40347"
},
{
"cve": "CVE-2025-40348",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40348"
},
{
"cve": "CVE-2025-40349",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40349"
},
{
"cve": "CVE-2025-40350",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40350"
},
{
"cve": "CVE-2025-40351",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40351"
},
{
"cve": "CVE-2025-40352",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40352"
},
{
"cve": "CVE-2025-40353",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40353"
},
{
"cve": "CVE-2025-40354",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40354"
},
{
"cve": "CVE-2025-40355",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40355"
},
{
"cve": "CVE-2025-40356",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40356"
},
{
"cve": "CVE-2025-40357",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40357"
},
{
"cve": "CVE-2025-40358",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40358"
},
{
"cve": "CVE-2025-40359",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40359"
},
{
"cve": "CVE-2025-40360",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40360"
},
{
"cve": "CVE-2025-40361",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40361"
},
{
"cve": "CVE-2025-40362",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40362"
},
{
"cve": "CVE-2025-40363",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-40363"
},
{
"cve": "CVE-2025-68167",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68167"
},
{
"cve": "CVE-2025-68168",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68168"
},
{
"cve": "CVE-2025-68169",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68169"
},
{
"cve": "CVE-2025-68170",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68170"
},
{
"cve": "CVE-2025-68171",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68171"
},
{
"cve": "CVE-2025-68172",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68172"
},
{
"cve": "CVE-2025-68173",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68173"
},
{
"cve": "CVE-2025-68174",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68174"
},
{
"cve": "CVE-2025-68175",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68175"
},
{
"cve": "CVE-2025-68176",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68176"
},
{
"cve": "CVE-2025-68177",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68177"
},
{
"cve": "CVE-2025-68178",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68178"
},
{
"cve": "CVE-2025-68179",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68179"
},
{
"cve": "CVE-2025-68180",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68180"
},
{
"cve": "CVE-2025-68181",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68181"
},
{
"cve": "CVE-2025-68182",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68182"
},
{
"cve": "CVE-2025-68183",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68183"
},
{
"cve": "CVE-2025-68184",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68184"
},
{
"cve": "CVE-2025-68185",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68185"
},
{
"cve": "CVE-2025-68186",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68186"
},
{
"cve": "CVE-2025-68187",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68187"
},
{
"cve": "CVE-2025-68188",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68188"
},
{
"cve": "CVE-2025-68189",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68189"
},
{
"cve": "CVE-2025-68190",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68190"
},
{
"cve": "CVE-2025-68191",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68191"
},
{
"cve": "CVE-2025-68192",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68192"
},
{
"cve": "CVE-2025-68193",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68193"
},
{
"cve": "CVE-2025-68194",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68194"
},
{
"cve": "CVE-2025-68195",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68195"
},
{
"cve": "CVE-2025-68196",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68196"
},
{
"cve": "CVE-2025-68197",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68197"
},
{
"cve": "CVE-2025-68198",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68198"
},
{
"cve": "CVE-2025-68199",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68199"
},
{
"cve": "CVE-2025-68200",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68200"
},
{
"cve": "CVE-2025-68201",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68201"
},
{
"cve": "CVE-2025-68202",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68202"
},
{
"cve": "CVE-2025-68203",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68203"
},
{
"cve": "CVE-2025-68204",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68204"
},
{
"cve": "CVE-2025-68205",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68205"
},
{
"cve": "CVE-2025-68206",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68206"
},
{
"cve": "CVE-2025-68207",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68207"
},
{
"cve": "CVE-2025-68208",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68208"
},
{
"cve": "CVE-2025-68209",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68209"
},
{
"cve": "CVE-2025-68210",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68210"
},
{
"cve": "CVE-2025-68211",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68211"
},
{
"cve": "CVE-2025-68212",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68212"
},
{
"cve": "CVE-2025-68213",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68213"
},
{
"cve": "CVE-2025-68214",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68214"
},
{
"cve": "CVE-2025-68215",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68215"
},
{
"cve": "CVE-2025-68216",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68216"
},
{
"cve": "CVE-2025-68217",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68217"
},
{
"cve": "CVE-2025-68218",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68218"
},
{
"cve": "CVE-2025-68219",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68219"
},
{
"cve": "CVE-2025-68220",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68220"
},
{
"cve": "CVE-2025-68221",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68221"
},
{
"cve": "CVE-2025-68222",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68222"
},
{
"cve": "CVE-2025-68223",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68223"
},
{
"cve": "CVE-2025-68224",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68224"
},
{
"cve": "CVE-2025-68225",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68225"
},
{
"cve": "CVE-2025-68226",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68226"
},
{
"cve": "CVE-2025-68227",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68227"
},
{
"cve": "CVE-2025-68228",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68228"
},
{
"cve": "CVE-2025-68229",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68229"
},
{
"cve": "CVE-2025-68230",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68230"
},
{
"cve": "CVE-2025-68231",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68231"
},
{
"cve": "CVE-2025-68232",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68232"
},
{
"cve": "CVE-2025-68233",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68233"
},
{
"cve": "CVE-2025-68234",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68234"
},
{
"cve": "CVE-2025-68235",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68235"
},
{
"cve": "CVE-2025-68236",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68236"
},
{
"cve": "CVE-2025-68237",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68237"
},
{
"cve": "CVE-2025-68238",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68238"
},
{
"cve": "CVE-2025-68239",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68239"
},
{
"cve": "CVE-2025-68240",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68240"
},
{
"cve": "CVE-2025-68241",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68241"
},
{
"cve": "CVE-2025-68242",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68242"
},
{
"cve": "CVE-2025-68243",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68243"
},
{
"cve": "CVE-2025-68244",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68244"
},
{
"cve": "CVE-2025-68245",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68245"
},
{
"cve": "CVE-2025-68246",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68246"
},
{
"cve": "CVE-2025-68247",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68247"
},
{
"cve": "CVE-2025-68248",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68248"
},
{
"cve": "CVE-2025-68249",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68249"
},
{
"cve": "CVE-2025-68250",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68250"
},
{
"cve": "CVE-2025-68251",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68251"
},
{
"cve": "CVE-2025-68252",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68252"
},
{
"cve": "CVE-2025-68253",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68253"
},
{
"cve": "CVE-2025-68254",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68254"
},
{
"cve": "CVE-2025-68255",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68255"
},
{
"cve": "CVE-2025-68256",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68256"
},
{
"cve": "CVE-2025-68257",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68257"
},
{
"cve": "CVE-2025-68258",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68258"
},
{
"cve": "CVE-2025-68259",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68259"
},
{
"cve": "CVE-2025-68260",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68260"
},
{
"cve": "CVE-2025-68261",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68261"
},
{
"cve": "CVE-2025-68262",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68262"
},
{
"cve": "CVE-2025-68263",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68263"
},
{
"cve": "CVE-2025-68264",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68264"
},
{
"cve": "CVE-2025-68265",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68265"
},
{
"cve": "CVE-2025-68266",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68266"
},
{
"cve": "CVE-2025-68281",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68281"
},
{
"cve": "CVE-2025-68282",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68282"
},
{
"cve": "CVE-2025-68283",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68283"
},
{
"cve": "CVE-2025-68284",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68284"
},
{
"cve": "CVE-2025-68285",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68285"
},
{
"cve": "CVE-2025-68286",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68286"
},
{
"cve": "CVE-2025-68287",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68287"
},
{
"cve": "CVE-2025-68288",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68288"
},
{
"cve": "CVE-2025-68289",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68289"
},
{
"cve": "CVE-2025-68290",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68290"
},
{
"cve": "CVE-2025-68291",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68291"
},
{
"cve": "CVE-2025-68292",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68292"
},
{
"cve": "CVE-2025-68293",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68293"
},
{
"cve": "CVE-2025-68294",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68294"
},
{
"cve": "CVE-2025-68295",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68295"
},
{
"cve": "CVE-2025-68296",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68296"
},
{
"cve": "CVE-2025-68297",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68297"
},
{
"cve": "CVE-2025-68298",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68298"
},
{
"cve": "CVE-2025-68299",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68299"
},
{
"cve": "CVE-2025-68300",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68300"
},
{
"cve": "CVE-2025-68301",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68301"
},
{
"cve": "CVE-2025-68302",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68302"
},
{
"cve": "CVE-2025-68303",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68303"
},
{
"cve": "CVE-2025-68304",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68304"
},
{
"cve": "CVE-2025-68305",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68305"
},
{
"cve": "CVE-2025-68306",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68306"
},
{
"cve": "CVE-2025-68307",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68307"
},
{
"cve": "CVE-2025-68308",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68308"
},
{
"cve": "CVE-2025-68309",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68309"
},
{
"cve": "CVE-2025-68310",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68310"
},
{
"cve": "CVE-2025-68311",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68311"
},
{
"cve": "CVE-2025-68312",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68312"
},
{
"cve": "CVE-2025-68313",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68313"
},
{
"cve": "CVE-2025-68314",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68314"
},
{
"cve": "CVE-2025-68315",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68315"
},
{
"cve": "CVE-2025-68316",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68316"
},
{
"cve": "CVE-2025-68317",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68317"
},
{
"cve": "CVE-2025-68318",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68318"
},
{
"cve": "CVE-2025-68319",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68319"
},
{
"cve": "CVE-2025-68320",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68320"
},
{
"cve": "CVE-2025-68321",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68321"
},
{
"cve": "CVE-2025-68322",
"product_status": {
"known_affected": [
"T049490",
"2951",
"T002207",
"67646",
"T027843",
"T004914",
"T032255"
]
},
"release_date": "2025-12-16T23:00:00.000+00:00",
"title": "CVE-2025-68322"
}
]
}
GHSA-MRVQ-MP59-QVJ4
Vulnerability from github – Published: 2025-12-16 15:30 – Updated: 2025-12-16 15:30
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
veth: more robust handing of race to avoid txq getting stuck
Commit dc82a33297fc ("veth: apply qdisc backpressure on full ptr_ring to reduce TX drops") introduced a race condition that can lead to a permanently stalled TXQ. This was observed in production on ARM64 systems (Ampere Altra Max).
The race occurs in veth_xmit(). The producer observes a full ptr_ring and stops the queue (netif_tx_stop_queue()). The subsequent conditional logic, intended to re-wake the queue if the consumer had just emptied it (if (__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a "lost wakeup" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and traffic halts.
This failure is caused by an incorrect use of the __ptr_ring_empty() API from the producer side. As noted in kernel comments, this check is not guaranteed to be correct if a consumer is operating on another CPU. The empty test is based on ptr_ring->consumer_head, making it reliable only for the consumer. Using this check from the producer side is fundamentally racy.
This patch fixes the race by adopting the more robust logic from an earlier version V4 of the patchset, which always flushed the peer:
(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier are removed. Instead, after stopping the queue, we unconditionally call __veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled, making it solely responsible for re-waking the TXQ. This handles the race where veth_poll() consumes all packets and completes NAPI before veth_xmit() on the producer side has called netif_tx_stop_queue. The __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule NAPI.
(2) On the consumer side, the logic for waking the peer TXQ is moved out of veth_xdp_rcv() and placed at the end of the veth_poll() function. This placement is part of fixing the race, as the netif_tx_queue_stopped() check must occur after rx_notify_masked is potentially set to false during NAPI completion. This handles the race where veth_poll() consumes all packets, but haven't finished (rx_notify_masked is still true). The producer veth_xmit() stops the TXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning not starting NAPI. Then veth_poll() change rx_notify_masked to false and stops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake it up.
{
"affected": [],
"aliases": [
"CVE-2025-68232"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-16T14:15:57Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nveth: more robust handing of race to avoid txq getting stuck\n\nCommit dc82a33297fc (\"veth: apply qdisc backpressure on full ptr_ring to\nreduce TX drops\") introduced a race condition that can lead to a permanently\nstalled TXQ. This was observed in production on ARM64 systems (Ampere Altra\nMax).\n\nThe race occurs in veth_xmit(). The producer observes a full ptr_ring and\nstops the queue (netif_tx_stop_queue()). The subsequent conditional logic,\nintended to re-wake the queue if the consumer had just emptied it (if\n(__ptr_ring_empty(...)) netif_tx_wake_queue()), can fail. This leads to a\n\"lost wakeup\" where the TXQ remains stopped (QUEUE_STATE_DRV_XOFF) and\ntraffic halts.\n\nThis failure is caused by an incorrect use of the __ptr_ring_empty() API\nfrom the producer side. As noted in kernel comments, this check is not\nguaranteed to be correct if a consumer is operating on another CPU. The\nempty test is based on ptr_ring-\u003econsumer_head, making it reliable only for\nthe consumer. Using this check from the producer side is fundamentally racy.\n\nThis patch fixes the race by adopting the more robust logic from an earlier\nversion V4 of the patchset, which always flushed the peer:\n\n(1) In veth_xmit(), the racy conditional wake-up logic and its memory barrier\nare removed. Instead, after stopping the queue, we unconditionally call\n__veth_xdp_flush(rq). This guarantees that the NAPI consumer is scheduled,\nmaking it solely responsible for re-waking the TXQ.\n This handles the race where veth_poll() consumes all packets and completes\nNAPI *before* veth_xmit() on the producer side has called netif_tx_stop_queue.\nThe __veth_xdp_flush(rq) will observe rx_notify_masked is false and schedule\nNAPI.\n\n(2) On the consumer side, the logic for waking the peer TXQ is moved out of\nveth_xdp_rcv() and placed at the end of the veth_poll() function. This\nplacement is part of fixing the race, as the netif_tx_queue_stopped() check\nmust occur after rx_notify_masked is potentially set to false during NAPI\ncompletion.\n This handles the race where veth_poll() consumes all packets, but haven\u0027t\nfinished (rx_notify_masked is still true). The producer veth_xmit() stops the\nTXQ and __veth_xdp_flush(rq) will observe rx_notify_masked is true, meaning\nnot starting NAPI. Then veth_poll() change rx_notify_masked to false and\nstops NAPI. Before exiting veth_poll() will observe TXQ is stopped and wake\nit up.",
"id": "GHSA-mrvq-mp59-qvj4",
"modified": "2025-12-16T15:30:46Z",
"published": "2025-12-16T15:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68232"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5442a9da69789741bfda39f34ee7f69552bf0c56"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c8a8b9257a660e622689e23c8fbad4ba2b561b9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dd419a3f2ebc18cc00bc32c57fd052d7a188b78b"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…