CVE-2025-68378

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix stackmap overflow check in __bpf_get_stackid()

Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack map bucket can hold, leading to an out-of-bounds write in the bucket's data array.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxee2a098851bfbe8bcdd964c0121f4246f00ff41e < d1f424a77b6bd27b361737ed73df49a0158f1590affected
LinuxLinuxee2a098851bfbe8bcdd964c0121f4246f00ff41e < 2a008f6de163279deffd488c1deab081bce5667caffected
LinuxLinuxee2a098851bfbe8bcdd964c0121f4246f00ff41e < 4669a8db976c8cbd5427fe9945f12c5fa5168ff3affected
LinuxLinuxee2a098851bfbe8bcdd964c0121f4246f00ff41e < 23f852daa4bab4d579110e034e4d513f7d490846affected
LinuxLinux90805175a206f784b6a77f16f07b07f6803e286baffected
LinuxLinux398ac11f4425d1e52aaf0d05d4fc90524e1a5b5eaffected
LinuxLinuxe750f78c4ed7cefbcefb9769b3b9e08033db39daaffected
LinuxLinux6c4f243b58f5362e983386488b2d563764c567afaffected
LinuxLinux5.10.110 < 5.11affected
LinuxLinux5.15.33 < 5.16affected
LinuxLinux5.16.19 < 5.17affected
LinuxLinux5.17.2 < 5.18affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.12.63 <= 6.12.*unaffected
LinuxLinux6.17.13 <= 6.17.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References