CVE-2025-21867
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2025-21867: A use-after-free vulnerability has been identified and resolved in the Linux kernel's eth_skb_pkt_type function. The issue occurred when bpf_prog_test_run_xdp passed an invalid value as the user_data argument to bpf_test_init. The flaw allowed uninitialized memory to be accessed, which could potentially lead to code execution. The issue was discovered using KMSAN, and the report's call path passes through eth_skb_pkt_type, eth_type_trans and bpf_test_run; KMSAN traced the affected memory's creation to free_pages_prepare and its eventual release to bpf_map_free. The kernel version reported as affected is 6.12.0-05490-g9bb88c659673.
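The kernel fix makes bpf_test_init reject a user_data size smaller than an Ethernet header before the frame is handed to the skb helpers. The following user-space model, added here and not taken from the kernel or the CVE record, reproduces that check together with the destination-MAC classification that eth_skb_pkt_type performs; the page size, headroom and tailroom values are representative constants chosen for the model, and the sample frame is constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_HLEN        14    /* Ethernet header: dst(6) + src(6) + type(2) */
#define MODEL_PAGE_SIZE 4096  /* assumed page size for the model */
#define MODEL_HEADROOM  256   /* representative XDP headroom (assumption) */
#define MODEL_TAILROOM  320   /* representative tailroom (assumption) */

enum pkt_type { PACKET_HOST = 0, PACKET_BROADCAST = 1,
                PACKET_MULTICAST = 2, PACKET_OTHERHOST = 3 };

/* Stand-in for the input validation in bpf_test_init(): the user-supplied
 * frame must contain a full Ethernet header and must fit in one page once
 * head and tail room are reserved. Without the lower bound, a tiny size is
 * accepted and the header parse below reads beyond the copied data. */
int model_bpf_test_init(size_t user_size, size_t headroom, size_t tailroom)
{
    if (user_size < ETH_HLEN || user_size > MODEL_PAGE_SIZE - headroom - tailroom)
        return -EINVAL;
    return 0;
}

/* User-space model of eth_skb_pkt_type(): classify the frame by its
 * destination MAC. The length is taken explicitly so the precondition the
 * kernel helper silently relies on (len >= ETH_HLEN) is visible. */
int model_eth_skb_pkt_type(const uint8_t *frame, size_t len, const uint8_t dev_addr[6])
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};

    if (len < ETH_HLEN)
        return -EINVAL;            /* reading h_dest here would overrun */
    if (memcmp(frame, dev_addr, 6) == 0)
        return PACKET_HOST;
    if (frame[0] & 1)              /* group bit set: multicast or broadcast */
        return memcmp(frame, bcast, 6) == 0 ? PACKET_BROADCAST : PACKET_MULTICAST;
    return PACKET_OTHERHOST;
}

/* Constructed sample: broadcast destination, EtherType 0x0800 (IPv4). */
static const uint8_t sample_frame[ETH_HLEN] = {
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x02, 0x08, 0x00 };
static const uint8_t sample_dev_addr[6] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };

/* End-to-end model of the test-run path: validate the size first, then
 * classify. Returns -EINVAL for sizes the fixed bpf_test_init() rejects. */
int model_test_run(size_t user_size)
{
    int rc = model_bpf_test_init(user_size, MODEL_HEADROOM, MODEL_TAILROOM);
    if (rc)
        return rc;
    return model_eth_skb_pkt_type(sample_frame, user_size, sample_dev_addr);
}
```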