Fragment Overflow Issue in Aquantia NIC Drivers by Linux
CVE-2025-68301
What is CVE-2025-68301?
In the Linux kernel, the Aquantia AQC113 NIC drivers suffer from a fragment overflow issue that occurs during the handling of large multi-descriptor packets. When the driver processes a packet with an excessive number of fragments, the fragment index can exceed the allocated bounds, causing an out-of-bounds write in the skb_add_rx_frag_netmem() function and a kernel panic. The fix adds checks on the number of fragments processed, which prevents these crashes in production environments.
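The kind of check described above, shown as an added userspace model rather than the kernel's or the driver's own code: the fragment count of a descriptor chain is validated against the fragment array's capacity before anything is written, and an oversized packet is dropped. All names and the capacity value `MODEL_MAX_FRAGS` are assumptions made for illustration.

```c
#include <stddef.h>

/* Simplified model; not the kernel's sk_buff and not the driver's code. */
#define MODEL_MAX_FRAGS 17      /* assumed capacity of the fragment array */
#define MODEL_RING_SIZE 64      /* assumed size of the constructed chain  */

struct rx_desc {                /* one descriptor of a multi-descriptor packet */
    size_t len;
    int eop;                    /* 1 on the last descriptor of the packet */
};

struct pkt {
    size_t nr_frags;
    size_t frag_len[MODEL_MAX_FRAGS];
};

/* Count descriptors up to and including EOP; 0 if the chain never ends. */
static size_t chain_frag_count(const struct rx_desc *d, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (d[i].eop)
            return i + 1;
    return 0;
}

/* Returns 0 on success, -1 if the packet is dropped. The count is checked
 * before the first write, so frag_len[] is never indexed past its end. */
int build_pkt(struct pkt *p, const struct rx_desc *d, size_t n)
{
    size_t cnt = chain_frag_count(d, n);

    p->nr_frags = 0;
    if (cnt == 0 || cnt > MODEL_MAX_FRAGS)
        return -1;              /* too many fragments: drop, do not write */
    for (size_t i = 0; i < cnt; i++)
        p->frag_len[p->nr_frags++] = d[i].len;
    return 0;
}

/* Build a constructed chain of ndesc descriptors and try to assemble it.
 * Returns the fragment count, -1 if dropped, -2 on a bad argument. */
int demo(size_t ndesc)
{
    struct rx_desc chain[MODEL_RING_SIZE] = {{0, 0}};
    struct pkt p;

    if (ndesc == 0 || ndesc > MODEL_RING_SIZE)
        return -2;
    for (size_t i = 0; i < ndesc; i++)
        chain[i].len = 2048;    /* constructed sample buffer length */
    chain[ndesc - 1].eop = 1;
    return build_pkt(&p, chain, ndesc) == 0 ? (int)p.nr_frags : -1;
}
```

Without the `cnt > MODEL_MAX_FRAGS` test, an 18-descriptor chain in this model would write one element past `frag_len[]`, which is the class of out-of-bounds write the description refers to.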
Affected Version(s)
Linux cd66ab20a8f84474564a68fffffd37d998f6c340 < 34147477eeab24077fcfe9649e282849347d760c
Linux 948ddbdc56636773401f2cb9c7a932eb9c43ccfd
Linux 6aecbba12b5c90b26dc062af3b9de8c4b3a2f19f < 5d6051ea1b0417ae2f06a8440d22e48fbc8f8997