PT-2026-2531 · Linux+2 · Linux Kernel+2

Published 2025-12-04 · Updated 2026-05-11 · CVE-2025-68799

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

An integer underflow exists in the cffrml_receive() function when it handles packets with FCS disabled. The function extracts a length field from the packet header and subtracts 2 from it without verifying that the length is greater than or equal to 2. An attacker can exploit this by sending a malicious packet with a length field of 0 or 1, causing an integer underflow. This can lead to memory exhaustion, kernel instability, and potential information disclosure if padding contains uninitialized kernel memory.
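
The length handling described above, as an added userspace example in C (not the kernel's code and not the upstream patch); the function names, the error code and the sample header are constructed for illustration. It goes one step beyond the description by also rejecting a length larger than the bytes actually received.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FRAME_OK     0
#define FRAME_EPROTO (-1)   /* constructed error code for this model */

/* Constructed model: 2-byte little-endian length field at the start of a frame. */
static uint16_t read_len(const uint8_t hdr[2])
{
    return (uint16_t)(hdr[0] | (hdr[1] << 8));
}

/* Flawed pattern from the description: subtract 2 with no lower-bound check. */
uint16_t payload_len_unchecked(const uint8_t hdr[2], int dofcs)
{
    uint16_t len = read_len(hdr);
    if (!dofcs)
        len -= 2;           /* 0 wraps to 65534, 1 wraps to 65535 */
    return len;
}

/* Hardened: reject lengths below 2 before subtracting. The comparison with
 * `avail` (bytes received after the header) is an extra check in this model. */
int payload_len_checked(const uint8_t hdr[2], size_t avail, int dofcs, uint16_t *out)
{
    uint16_t len = read_len(hdr);
    if (!dofcs) {
        if (len < 2)
            return FRAME_EPROTO;
        len -= 2;
    }
    if (len > avail)
        return FRAME_EPROTO;
    *out = len;
    return FRAME_OK;
}

int main(void)
{
    const uint8_t hdr[2] = { 0x01, 0x00 };   /* constructed: length field = 1 */
    uint16_t out = 0;
    printf("unchecked: %u\n", (unsigned)payload_len_unchecked(hdr, 0));
    printf("checked:   %d\n", payload_len_checked(hdr, 64, 0, &out));
    return 0;
}
```
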

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Underflow

Weakness Enumeration

Related Identifiers

AZL-74327
BDU:2026-00715
CVE-2025-68799
ECHO-A14B-C2C1-503D
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20287-1
SUSE-SU-2026:20555-1
SUSE-SU-2026:20599-1
SUSE-SU-2026:20615-1
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8177-1
USN-8177-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8183-1
USN-8183-2
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8245-1
USN-8257-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu