CVE-2025-68378

Linux Kernel 5.18.0-6.12.63, 6.13.0-6.17.13, 6.18.0-6.18.2 - Stack-Based Buffer Overflow in BPF Stackmap

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in __bpf_get_stackid() Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack map bucket can hold, leading to an out-of-bounds write in the bucket's data array.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/d1f424a77b6bd27b361737ed73df49a0158f1590

Patch

https://git.kernel.org/stable/c/2a008f6de163279deffd488c1deab081bce5667c

Patch

https://git.kernel.org/stable/c/4669a8db976c8cbd5427fe9945f12c5fa5168ff3

Patch

https://git.kernel.org/stable/c/23f852daa4bab4d579110e034e4d513f7d490846

Scores

EPSS 0.0002

EPSS Percentile 7.2%

Details

Status published

Products (21)

linux/Kernel 5.18.0 - 6.12.63linux

linux/Kernel 6.13.0 - 6.17.13linux

linux/Kernel 6.18.0 - 6.18.2linux

Linux/Linux < 5.18

Linux/Linux 398ac11f4425d1e52aaf0d05d4fc90524e1a5b5e

Linux/Linux 5.10.110 - 5.11

Linux/Linux 5.15.33 - 5.16

Linux/Linux 5.16.19 - 5.17

Linux/Linux 5.17.2 - 5.18

Linux/Linux 5.18

... and 11 more

Published Dec 24, 2025

Tracked Since Feb 18, 2026