PT-2025-16745 · Linux · Linux Kernel
Published 2025-03-25 · Updated 2026-05-07
CVE-2025-22105
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.14.0-rc4
Description
A vulnerability in the Linux kernel related to bonding modes and XDP program attachment has been resolved. When a network namespace is deleted, dev_xdp_uninstall() is called to remove the XDP program from the bond device, and bond_xdp_set() checks the current bond mode. If the bond mode was changed after the XDP program was attached, this check can trigger a kernel warning, because some bond modes, such as broadcast, do not support native XDP. The warning can be triggered by a sequence of ordinary operations: adding a network namespace, creating a bond link, setting the bond mode, and deleting the namespace.
Recommendations
For Linux kernel versions prior to 6.14.0-rc4, update to a version that includes the fix. As a temporary workaround, avoid changing the bond mode after attaching an XDP program. Additionally, restrict access to the bond modes that do not support native XDP, such as broadcast, to reduce the chance that the issue is triggered.
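An added defender-side check, not part of this advisory or of the kernel project, that spots the risky combination described above on an unpatched host: a bond device with an XDP program attached while running in a mode without native XDP support. It parses the text of `ip -d link show type bond` (the iproute2 output format is assumed), the sample input is constructed, and the unsupported modes beyond broadcast are an assumption taken from the kernel's bond_xdp_check() helper.

```shell
# Added check (not from the advisory or the kernel project): flag bond devices
# with an XDP program attached while in a bonding mode without native XDP
# support. Input is the text of `ip -d link show type bond`; SAMPLE is constructed.

# broadcast is named by the advisory; balance-tlb and balance-alb are assumed
# from the kernel's bond_xdp_check() and should be verified against your kernel.
UNSUPPORTED_MODES="broadcast balance-tlb balance-alb"

# Usage: ip -d link show type bond | check_bond_xdp
# Prints one "RISK ..." line per flagged bond and returns 1 if any was found.
check_bond_xdp() {
  awk -v bad="$UNSUPPORTED_MODES" '
    function flush() {
      if (dev != "" && xdp && (mode in badmode)) {
        printf "RISK %s mode=%s: XDP attached, mode lacks native XDP\n", dev, mode
        found = 1
      }
      dev = ""; mode = ""; xdp = 0
    }
    BEGIN { n = split(bad, m, " "); for (i = 1; i <= n; i++) badmode[m[i]] = 1 }
    # Header line, e.g. "3: bond0: <...> mtu 1500 xdp qdisc noqueue ..."
    /^[0-9]+: / {
      flush()
      dev = $2; sub(/:$/, "", dev)
      for (i = 3; i <= NF; i++) if ($i ~ /^xdp/) xdp = 1
      next
    }
    # Detail line, e.g. "    bond mode broadcast miimon 0 ..."
    $1 == "bond" && $2 == "mode" { mode = $3 }
    END { flush(); exit found ? 1 : 0 }
  '
}

# Constructed sample: bond0 is the risky case, bond1 has XDP in a supported
# mode, bond2 is in broadcast mode but has no XDP program attached.
SAMPLE='3: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 xdp qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535
    prog/xdp id 7
    bond mode broadcast miimon 0 updelay 0 downdelay 0
4: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 xdp qdisc noqueue state UP mode DEFAULT group default qlen 1000
    bond mode active-backup miimon 100 updelay 0 downdelay 0
5: bond2: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    bond mode broadcast miimon 0 updelay 0 downdelay 0'

# Demo over the sample; non-zero status means a bond needs attention first.
if ! printf '%s\n' "$SAMPLE" | check_bond_xdp; then
  echo "review the bonds above before deleting the namespace or detaching XDP"
fi
```

On a live host, run the function over the real `ip -d link show type bond` output and treat any RISK line as a reason to detach the XDP program or move the bond back to a supported mode before the namespace is torn down.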
Weakness Enumeration
Improper Resource Release
Affected Products
Alt Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
SUSE
Ubuntu