CVE-2025-68301

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The atlantic network driver in the Linux kernel is susceptible to a fragment overflow when handling large, multi-descriptor packets in the receive (RX) path. This occurs because the driver does not adequately check the total number of fragments before calling skb add rx frag(), potentially exceeding the maximum allowed fragments (MAX SKB FRAGS, which is 17). This can lead to an out-of-bounds write in the skb add rx frag netmem() function, resulting in a kernel panic. The issue was observed in a production environment with an Aquantia AQC113 10G NIC. The fix assumes an extra fragment if buff->len is greater than AQ CFG RX HDR SIZE, ensuring all fragments are accounted for and preventing the overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.