CVE-2025-68234

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-68234
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68234.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68234
Downstream
Published
2025-12-16T14:04:14.300Z
Modified
2025-12-16T20:36:38.502697Z
Summary
io_uring/cmd_net: fix wrong argument types for skb_queue_splice()
Details

In the Linux kernel, the following vulnerability has been resolved:

iouring/cmdnet: fix wrong argument types for skbqueuesplice()

If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into the socket queue. However, the arguments for the splice helper are transposed, causing exactly the wrong direction of splicing into the on-stack list. Fix that up.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68234.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9e4ed359b8efad0e8ad4510d8ad22bf0b060526a
Fixed
c85d2cfc5e24e6866b56c7253fd4e1c7db35986c
Fixed
46447367a52965e9d35f112f5b26fc8ff8ec443d

Affected versions

v6.*
v6.16
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.1
v6.17.2
v6.17.3
v6.17.4
v6.17.5
v6.17.6
v6.17.7
v6.17.8
v6.17.9
v6.18-rc1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68234.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.17.0
Fixed
6.17.10

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68234.json"