CVE-2025-68744

In the Linux kernel, the following vulnerability has been resolved:

bpf: Free special fields when update [lru_,]percpu_hash maps

As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing
calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the
memory referenced by BPF_KPTR_{REF,PERCPU} fields to be held until the
map gets freed.

Fix this by calling 'bpf_obj_free_fields()' after
'copy_map_value[,_long]()' in 'pcpu_copy_value()'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bookworm
6.1.148-1
not-affected
bullseye (security)
5.10.247-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
forky
vulnerable
sid
6.17.13-1
fixed
References
https://git.kernel.org/stable/c/3bf1378747e251571e0de15e7e0a6bf2919044e7
https://git.kernel.org/stable/c/4a03d69cece145e4fb527464be29c3806aa3221e
https://git.kernel.org/stable/c/6af6e49a76c9af7d42eb923703e7648cb2bf401a
https://git.kernel.org/stable/c/96a5cb7072cabbac5c66ac9318242c3bdceebb68