CVE-2025-68191

medium

Description

In the Linux kernel, the following vulnerability has been resolved: udp_tunnel: use netdev_warn() instead of netdev_WARN() netdev_WARN() uses WARN/WARN_ON to print a backtrace along with file and line information. In this case, udp_tunnel_nic_register() returning an error is just a failed operation, not a kernel bug. udp_tunnel_nic_register() can fail due to a memory allocation failure (kzalloc() or udp_tunnel_nic_alloc()). This is a normal runtime error and not a kernel bug. Replace netdev_WARN() with netdev_warn() accordingly.

References

https://git.kernel.org/stable/c/dc2f650f7e6857bf384069c1a56b2937a1ee370d

https://git.kernel.org/stable/c/c018a87942bf1607aeebf8dba5a210ca9a09a0fd

https://git.kernel.org/stable/c/7758ec35ff3e9a31558eda4f0f9eb0ddfa78a8ba

https://git.kernel.org/stable/c/51b3033088f0420b19027e3d54cd989b6ebd987e

https://git.kernel.org/stable/c/45e4e4a8772fa1c5f6f38e82b732b3a9d8137af4

https://git.kernel.org/stable/c/3c3b148bf8384c8a787753cf20abde1c5731f97f

https://git.kernel.org/stable/c/087f1ed450dc6e7e49ffbbbe5b78be1218c6d5e0

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024