CVE-2025-68744 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Free special fields when update [lru_,]percpu_hash maps

As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing
calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the
memory referenced by BPF_KPTR_{REF,PERCPU} fields to be held until the
map gets freed.

Fix this by calling 'bpf_obj_free_fields()' after
'copy_map_value[,_long]()' in 'pcpu_copy_value()'.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`65334e64a493c6a0976de7ad56bf8b7a9ff04b4a`	affected	< 994d6303ed0b84cbc795bb5becf7ed6de40d3f3c
`65334e64a493c6a0976de7ad56bf8b7a9ff04b4a`	affected	< 3bf1378747e251571e0de15e7e0a6bf2919044e7
`65334e64a493c6a0976de7ad56bf8b7a9ff04b4a`	affected	< 96a5cb7072cabbac5c66ac9318242c3bdceebb68
`65334e64a493c6a0976de7ad56bf8b7a9ff04b4a`	affected	< 4a03d69cece145e4fb527464be29c3806aa3221e
`65334e64a493c6a0976de7ad56bf8b7a9ff04b4a`	affected	< 6af6e49a76c9af7d42eb923703e7648cb2bf401a

Linux

affected

Version	Status	Constraints
`6.4`	affected	—
`0`	unaffected	< 6.4
`6.6.120`	unaffected	≤ 6.6.*
`6.12.63`	unaffected	≤ 6.12.*
`6.17.13`	unaffected	≤ 6.17.*
`6.18.2`	unaffected	≤ 6.18.*
`6.19`	unaffected	≤ *

No data.

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/3bf1378747e251571e0de15e7e0a6bf2919044e7
https://git.kernel.org/stable/c/4a03d69cece145e4fb527464be29c3806aa3221e
https://git.kernel.org/stable/c/6af6e49a76c9af7d42eb923703e7648cb2bf401a
https://git.kernel.org/stable/c/96a5cb7072cabbac5c66ac9318242c3bdceebb68
https://git.kernel.org/stable/c/994d6303ed0b84cbc795bb5becf7ed6de40d3f3c
https://lore.kernel.org/linux-cve-announce/2025122416-CVE-2025-68744-bf55@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-68744
https://www.cve.org/CVERecord?id=CVE-2025-68744

History

Sun, 11 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/994d6303ed0b84cbc795bb5becf7ed6de40d3f3c

Thu, 25 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122416-CVE-2025-68744-bf55@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-68744 https://www.cve.org/CVERecord?id=CVE-2025-68744
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 24 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory referenced by BPF_KPTR_{REF,PERCPU} fields to be held until the map gets freed. Fix this by calling 'bpf_obj_free_fields()' after 'copy_map_value[,_long]()' in 'pcpu_copy_value()'.
Title		bpf: Free special fields when update [lru_,]percpu_hash maps
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3bf1378747e251571e0de15e7e0a6bf2919044e7 https://git.kernel.org/stable/c/4a03d69cece145e4fb527464be29c3806aa3221e https://git.kernel.org/stable/c/6af6e49a76c9af7d42eb923703e7648cb2bf401a https://git.kernel.org/stable/c/96a5cb7072cabbac5c66ac9318242c3bdceebb68

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T12:09:40.839Z

Updated: 2026-02-09T08:32:48.466Z

Reserved: 2025-12-24T10:30:51.031Z

Link: CVE-2025-68744

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-12-24T13:16:29.343

Modified: 2026-01-11T17:15:57.807

Link: CVE-2025-68744

Redhat

Severity : Low

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2025-68744 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object