CVE-2025-21922

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 1, 2025
Updated: Apr 11, 2025
CWE ID 908

Summary

CVE-2025-21922: A vulnerability was identified in the Linux kernel's ppp driver. The driver does not initialize a 2-byte header when a socket filter is used with BPF programs. This can trigger an "uninit-value" warning from the Kernel Memory Sanitizer (KMSAN), as discovered by Syzbot. If an attacker creates a specially crafted BPF program that starts reading from offset 0, they can access uninitialized data, potentially causing a security vulnerability. The issue was identified in the pppd/options.c file of the ppp project repository, which is maintained by the original ppp driver maintainer.
