CVE-2025-68321

Summary

In the Linux kernel, the following vulnerability has been resolved:

page_pool: always add GFP_NOWARN for ATOMIC allocations

Driver authors often forget to add GFP_NOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx to hit page allocation failures during OOM. Make page pool add GFP_NOWARN for ATOMIC allocations by default.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < 0ec2cd5c58793d0c622797cd5fbe26634b357210affected
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < 9835a0fd59a1df5ec0740fdab6d50db68e0f10deaffected
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < 7613c06ffa89c1e2266fb532e23ef7dfdf269d73affected
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < 3671a0775952026228ae44e096eb144bca75f8dcaffected
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < ab48dc0e23eb714b3f233f8e8f6deed7df2051f5affected
LinuxLinuxff7d6b27f894f1469dc51ccb828b7363ccd9799f < f3b52167a0cb23b27414452fbc1278da2ee884fcaffected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux5.15.197 <= 5.15.*unaffected
LinuxLinux6.1.159 <= 6.1.*unaffected
LinuxLinux6.6.117 <= 6.6.*unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References