CVE-2025-21808

net: xdp: Disallow attaching device-bound programs in generic mode

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These
kfuncs are driver-specific and rely on the driver context to read the
metadata. This means they can't work in generic XDP mode. However, there
is no check to disallow such programs from being attached in generic
mode, in which case the metadata kfuncs will be called in an invalid
context, leading to crashes. Fix this by adding a check to disallow attaching device-bound programs
in generic mode.

In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means they can't work in generic XDP mode. However, there is no check to disallow such programs from being attached in generic mode, in which case the metadata kfuncs will be called in an invalid context, leading to crashes. Fix this by adding a check to disallow attaching device-bound programs in generic mode.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-02-27 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/2b3486bc2d237ec345b3942b7be5deabf8c8fed1	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/b1bc4a35a04cbeb85b6ef5911ec015baa424989f	2025-02-08
https://git.kernel.org/stable/c/557707906dd3e34b8a8c265f664d19f95799937e	2025-02-08
https://git.kernel.org/stable/c/5a9eae683d6c36e8a7aa31e5eb8b369e41aa66e1	2025-02-08
https://git.kernel.org/stable/c/3595599fa8360bb3c7afa7ee50c810b4a64106ea	2025-01-30

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.6.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.6.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.13.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.14-rc1"		en		Affected