{"uuid": "462cad22-dd75-449d-b522-d77574aa56f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21683", "type": "seen", "source": "https://t.me/cvedetector/16939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21683 - Linux Kernel bpf SO_ATTACH_REUSEPORT_EBPF Memory Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21683 \nPublished : Jan. 31, 2025, 12:15 p.m. | 1\u00a0hour, 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbpf: Fix bpf_sk_select_reuseport() memory leak  \n  \nAs pointed out in the original comment, lookup in sockmap can return a TCP  \nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF  \nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb  \ndoes not imply a non-refcounted socket.  \n  \nDrop sk's reference in both error paths.  \n  \nunreferenced object 0xffff888101911800 (size 2048):  \n  comm \"test_progs\", pid 44109, jiffies 4297131437  \n  hex dump (first 32 bytes):  \n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................  \n    80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00  ................  \n  backtrace (crc 9336483b):  \n    __kmalloc_noprof+0x3bf/0x560  \n    __reuseport_alloc+0x1d/0x40  \n    reuseport_alloc+0xca/0x150  \n    reuseport_attach_prog+0x87/0x140  \n    sk_reuseport_attach_bpf+0xc8/0x100  \n    sk_setsockopt+0x1181/0x1990  \n    do_sock_setsockopt+0x12b/0x160  \n    __sys_setsockopt+0x7b/0xc0  \n    __x64_sys_setsockopt+0x1b/0x30  \n    do_syscall_64+0x93/0x180  \n    entry_SYSCALL_64_after_hwframe+0x76/0x7e \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T15:22:35.000000Z"}