CVE-2025-68191

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained an issue where the udp tunnel nic register() function incorrectly used netdev WARN() for non-critical error reporting. netdev WARN() includes a backtrace, which is unnecessary for normal runtime errors like memory allocation failures (using kzalloc() or udp tunnel nic alloc()). The issue has been addressed by replacing netdev WARN() with netdev warn(), which is more appropriate for these types of operational failures.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Allocation of Resources Without Limits

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-770CWE-404

Related Identifiers

BDU:2026-01322

CVE-2025-68191

ECHO-CC0D-A361-9FBB

MGASA-2026-0017

MGASA-2026-0018

OESA-2026-1303

OESA-2026-1304

OESA-2026-1305

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8096-1

USN-8096-2

USN-8096-3

USN-8096-4

USN-8096-5

USN-8100-1

USN-8116-1

USN-8125-1

USN-8126-1

USN-8141-1

USN-8163-1

USN-8163-2

USN-8165-1

USN-8243-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-68191

Weakness Enumeration

Related Identifiers

Affected Products

References · 1822