CVE-2025-68378 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in __bpf_get_stackid() Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack map bucket can hold, leading to an out-of-bounds write in the bucket's data array.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/23f852daa4bab4d579110e034e4d513f7d490846
https://git.kernel.org/stable/c/2a008f6de163279deffd488c1deab081bce5667c
https://git.kernel.org/stable/c/4669a8db976c8cbd5427fe9945f12c5fa5168ff3
https://git.kernel.org/stable/c/d1f424a77b6bd27b361737ed73df49a0158f1590

History

Wed, 24 Dec 2025 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in __bpf_get_stackid() Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack map bucket can hold, leading to an out-of-bounds write in the bucket's data array.
Title		bpf: Fix stackmap overflow check in __bpf_get_stackid()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/23f852daa4bab4d579110e034e4d513f7d490846 https://git.kernel.org/stable/c/2a008f6de163279deffd488c1deab081bce5667c https://git.kernel.org/stable/c/4669a8db976c8cbd5427fe9945f12c5fa5168ff3 https://git.kernel.org/stable/c/d1f424a77b6bd27b361737ed73df49a0158f1590

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T10:33:06.859Z

Updated: 2025-12-24T10:33:06.859Z

Reserved: 2025-12-16T14:48:05.311Z

Link: CVE-2025-68378

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T11:16:01.390

Modified: 2025-12-24T11:16:01.390

Link: CVE-2025-68378

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68378", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-16T14:48:05.311Z", "datePublished": "2025-12-24T10:33:06.859Z", "dateUpdated": "2025-12-24T10:33:06.859Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T10:33:06.859Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check in __bpf_get_stackid()\n\nSyzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid()\nwhen copying stack trace data. The issue occurs when the perf trace\n contains more stack entries than the stack map bucket can hold,\n leading to an out-of-bounds write in the bucket's data array."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/stackmap.c"], "versions": [{"version": "ee2a098851bfbe8bcdd964c0121f4246f00ff41e", "lessThan": "d1f424a77b6bd27b361737ed73df49a0158f1590", "status": "affected", "versionType": "git"}, {"version": "ee2a098851bfbe8bcdd964c0121f4246f00ff41e", "lessThan": "2a008f6de163279deffd488c1deab081bce5667c", "status": "affected", "versionType": "git"}, {"version": "ee2a098851bfbe8bcdd964c0121f4246f00ff41e", "lessThan": "4669a8db976c8cbd5427fe9945f12c5fa5168ff3", "status": "affected", "versionType": "git"}, {"version": "ee2a098851bfbe8bcdd964c0121f4246f00ff41e", "lessThan": "23f852daa4bab4d579110e034e4d513f7d490846", "status": "affected", "versionType": "git"}, {"version": "90805175a206f784b6a77f16f07b07f6803e286b", "status": "affected", "versionType": "git"}, {"version": "398ac11f4425d1e52aaf0d05d4fc90524e1a5b5e", "status": "affected", "versionType": "git"}, {"version": "e750f78c4ed7cefbcefb9769b3b9e08033db39da", "status": "affected", "versionType": "git"}, {"version": "6c4f243b58f5362e983386488b2d563764c567af", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/stackmap.c"], "versions": [{"version": "5.18", "status": "affected"}, {"version": "0", "lessThan": "5.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.63", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.13", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.2", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.12.63"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.17.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.18.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.19-rc1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.110"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d1f424a77b6bd27b361737ed73df49a0158f1590"}, {"url": "https://git.kernel.org/stable/c/2a008f6de163279deffd488c1deab081bce5667c"}, {"url": "https://git.kernel.org/stable/c/4669a8db976c8cbd5427fe9945f12c5fa5168ff3"}, {"url": "https://git.kernel.org/stable/c/23f852daa4bab4d579110e034e4d513f7d490846"}], "title": "bpf: Fix stackmap overflow check in __bpf_get_stackid()", "x_generator": {"engine": "bippy-1.2.0"}}}}