Linux Kernel Vulnerability Affecting Qdisc Hierarchy in Networking
CVE-2025-68325
What is CVE-2025-68325?
A vulnerability in the Linux kernel's networking subsystem affects the queuing discipline (qdisc) hierarchy, specifically in the cake scheduler. The issue arises during packet enqueueing in the cake_drop() function, where an incorrect assumption about packet processing can leave queue length (qlen) and backlog accounting inconsistent. When cake_enqueue() returns NET_XMIT_CN, the parent qdisc may halt enqueuing the current packet, causing a potential NULL dereference. A patch makes the queue accounting more robust by accurately computing the qlen/backlog delta, ensuring proper operation even with ACK thinning enabled.

Affected Version(s)
Linux de04ddd2980b48caa8d7e24a7db2742917a8b280
Linux 0dacfc5372e314d1219f03e64dde3ab495a5a25e < 38abf6e931b169ea88d7529b49096f53a5dcf8fe
Linux 710866fc0a64eafcb8bacd91bcb1329eb7e5035f
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.
Timeline
- Public PoC available
- Exploit known to exist
Vulnerability published
Vulnerability Reserved