Linux Kernel Vulnerability in Device-Bound Programs for Generic Mode
CVE-2025-21808

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 February 2025

Summary

A vulnerability in the Linux kernel allows device-bound programs to be attached in generic XDP mode, which can lead to system crashes. Device-bound programs are intended to use driver-specific RX metadata kfuncs, but without appropriate checks in place they can be invoked in a generic context, resulting in invalid behavior and potential instability. The issue has been addressed by introducing restrictions that prevent such attachments in generic mode.

Affected Version(s)

Linux 2b3486bc2d237ec345b3942b7be5deabf8c8fed1

Linux 2b3486bc2d237ec345b3942b7be5deabf8c8fed1 < 557707906dd3e34b8a8c265f664d19f95799937e

Linux 2b3486bc2d237ec345b3942b7be5deabf8c8fed1 < 5a9eae683d6c36e8a7aa31e5eb8b369e41aa66e1

Timeline

  • Vulnerability published

  • Vulnerability Reserved
