Linux · Linux Kernel · CVE-2025-21808
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A vulnerability in the Linux kernel has been identified, related to the attachment of device-bound programs in generic XDP mode. Device-bound programs are used to support RX metadata kfuncs, which are driver-specific and rely on the driver context to read metadata. However, these kfuncs cannot work in generic XDP mode. Without a check to disallow such programs from being attached in generic mode, the metadata kfuncs will be called in an invalid context, leading to crashes.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.