{"id":"AZL-73108","summary":"CVE-2025-68742 affecting package kernel for versions less than 6.6.121.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix invalid prog-\u003estats access when update_effective_progs fails\n\nSyzkaller triggers an invalid memory access issue following fault\ninjection in update_effective_progs. The issue can be described as\nfollows:\n\n__cgroup_bpf_detach\n  update_effective_progs\n    compute_effective_progs\n      bpf_prog_array_alloc \u003c-- fault inject\n  purge_effective_progs\n    /* change to dummy_bpf_prog */\n    array-\u003eitems[index] = &dummy_bpf_prog.prog\n\n---softirq start---\n__do_softirq\n  ...\n    __cgroup_bpf_run_filter_skb\n      __bpf_prog_run_save_cb\n        bpf_prog_run\n          stats = this_cpu_ptr(prog-\u003estats)\n          /* invalid memory access */\n          flags = u64_stats_update_begin_irqsave(&stats-\u003esyncp)\n---softirq end---\n\n  static_branch_dec(&cgroup_bpf_enabled_key[atype])\n\nThe reason is that fault injection caused update_effective_progs to fail\nand then changed the original prog into dummy_bpf_prog.prog in\npurge_effective_progs. Then a softirq came, and accessing the members of\ndummy_bpf_prog.prog in the softirq triggers invalid mem access.\n\nTo fix it, skip updating stats when stats is NULL.","modified":"2026-04-01T05:22:15.910950Z","published":"2025-12-24T13:16:29Z","upstream":["CVE-2025-68742"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68742"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.121.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73108.json"}}],"schema_version":"1.7.5"}