PT-2025-14341 · Linux+6 · Linux Kernel+6

Published

2025-03-09

·

Updated

2026-04-20

·

CVE-2025-21960

CVSS v2.0

6.2

Medium

VectorAV:A/AC:H/Au:N/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc4+
Description A vulnerability in the Linux kernel has been resolved, related to the bnxt driver. The issue arises when the XDP-MB program is attached and returns XDP PASS, causing the bnxt xdp build skb() function to update the skb shared info, which includes updating the ip summed value if checksum offload is enabled. However, this update is unnecessary and can lead to warnings. The vulnerability is caused by duplicate work in updating the ip summed value.
Recommendations For Linux kernel versions prior to 6.14.0-rc4+, update the kernel to a version that includes the fix for this issue. As a temporary workaround, consider disabling the XDP-MB program or restricting its use to minimize the risk of exploitation. Additionally, avoid using the ip summed variable in the affected API endpoints until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-675

Related Identifiers

BDU:2025-11831
CVE-2025-21960
DLA-4193-1
DSA-5900-1
ECHO-D2FE-14FC-BD70
MGASA-2025-0142
MGASA-2025-0146
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20206-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20283-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7764-1
USN-7764-2
USN-7765-1
USN-7766-1
USN-7767-1
USN-7767-2
USN-7779-1
USN-7790-1
USN-7800-1
USN-7801-1
USN-7801-2
USN-7801-3
USN-7802-1
USN-7809-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu