{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68234", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-16T13:41:40.258Z", "datePublished": "2025-12-16T14:04:14.300Z", "dateUpdated": "2025-12-16T14:04:14.300Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-16T14:04:14.300Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/cmd_net: fix wrong argument types for skb_queue_splice()\n\nIf timestamp retriving needs to be retried and the local list of\nSKB's already has entries, then it's spliced back into the socket\nqueue. However, the arguments for the splice helper are transposed,\ncausing exactly the wrong direction of splicing into the on-stack\nlist. Fix that up."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["io_uring/cmd_net.c"], "versions": [{"version": "9e4ed359b8efad0e8ad4510d8ad22bf0b060526a", "lessThan": "c85d2cfc5e24e6866b56c7253fd4e1c7db35986c", "status": "affected", "versionType": "git"}, {"version": "9e4ed359b8efad0e8ad4510d8ad22bf0b060526a", "lessThan": "46447367a52965e9d35f112f5b26fc8ff8ec443d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["io_uring/cmd_net.c"], "versions": [{"version": "6.17", "status": "affected"}, {"version": "0", "lessThan": "6.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.10", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.17.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.18"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c85d2cfc5e24e6866b56c7253fd4e1c7db35986c"}, {"url": "https://git.kernel.org/stable/c/46447367a52965e9d35f112f5b26fc8ff8ec443d"}], "title": "io_uring/cmd_net: fix wrong argument types for skb_queue_splice()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/cmd_net: fix wrong argument types for skb_queue_splice()\n\nIf timestamp retriving needs to be retried and the local list of\nSKB's already has entries, then it's spliced back into the socket\nqueue. However, the arguments for the splice helper are transposed,\ncausing exactly the wrong direction of splicing into the on-stack\nlist. Fix that up."}], "id": "CVE-2025-68234", "lastModified": "2025-12-16T14:15:58.267", "metrics": {}, "published": "2025-12-16T14:15:58.267", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/46447367a52965e9d35f112f5b26fc8ff8ec443d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c85d2cfc5e24e6866b56c7253fd4e1c7db35986c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}