CVE-2025-21683
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Jan 31, 2025
Updated: Feb 3, 2025
CWE ID 401
Summary
CVE-2025-21683: A memory leak vulnerability has been identified and addressed in the Linux kernel. The issue is in the bpf subsystem, specifically in the function bpf_sk_select_reuseport(). When that function encounters a TCP socket that had SO_ATTACH_REUSEPORT_EBPF set before it was established, the socket reference is not dropped properly, leading to a memory leak. This vulnerability can potentially result in memory exhaustion and system instability. The affected component can be found in comm "test_progs" with PID 44109.