{
  "threat_severity" : "Moderate",
  "public_date" : "2025-12-24T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Kernel: Denial of Service via NULL pointer dereference in VXLAN module",
    "id" : "2424860",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2424860"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-476",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnet: vxlan: prevent NULL deref in vxlan_xmit_one\nNeither sock4 nor sock6 pointers are guaranteed to be non-NULL in\nvxlan_xmit_one, e.g. if the iface is brought down. This can lead to the\nfollowing NULL dereference:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nOops: Oops: 0000 [#1] SMP NOPTI\nRIP: 0010:vxlan_xmit_one+0xbb3/0x1580\nCall Trace:\nvxlan_xmit+0x429/0x610\ndev_hard_start_xmit+0x55/0xa0\n__dev_queue_xmit+0x6d0/0x7f0\nip_finish_output2+0x24b/0x590\nip_output+0x63/0x110\nMentioned commits changed the code path in vxlan_xmit_one and as a side\neffect the sock4/6 pointer validity checks in vxlan(6)_get_route were\nlost. Fix this by adding back checks.\nSince both commits being fixed were released in the same version (v6.7)\nand are strongly related, bundle the fixes in a single commit.", "A flaw was found in the Linux kernel's Virtual Extensible LAN (VXLAN) module. This vulnerability allows a local user to cause a system crash, leading to a Denial of Service (DoS). The issue occurs due to a NULL pointer dereference, which is an attempt to access a memory location that does not exist, when network interface pointers (sock4 or sock6) are not guaranteed to be non-NULL, such as when the interface is brought down." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-68353\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-68353\nhttps://lore.kernel.org/linux-cve-announce/2025122455-CVE-2025-68353-8704@gregkh/T" ],
  "name" : "CVE-2025-68353",
  "csaw" : false
}