{"vulnerability": "CVE-2025-21683", "sightings": [{"uuid": "229f3516-e366-4a9a-95e6-2b8b2c35b593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21683", "type": "seen", "source": "Telegram/JDl9OD5TWx90S2Xla8iIm-SseFD2E78k-uVIN4XyFTXqabwl", "content": "", "creation_timestamp": "2025-02-06T02:40:19.000000Z"}, {"uuid": "23ce14d7-27ef-47bb-b1fd-1c4294a433c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21683", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk's reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n  comm \"test_progs\", pid 44109, jiffies 4297131437\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace (crc 9336483b):\n    __kmalloc_noprof+0x3bf/0x560\n    __reuseport_alloc+0x1d/0x40\n    reuseport_alloc+0xca/0x150\n    reuseport_attach_prog+0x87/0x140\n    sk_reuseport_attach_bpf+0xc8/0x100\n    sk_setsockopt+0x1181/0x1990\n    do_sock_setsockopt+0x12b/0x160\n    __sys_setsockopt+0x7b/0xc0\n    __x64_sys_setsockopt+0x1b/0x30\n    do_syscall_64+0x93/0x180\n    entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\ud83d\udccf Published: 2025-01-31T12:33:03Z\n\ud83d\udccf Modified: 2025-01-31T12:33:03Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-21683\n2. https://git.kernel.org/stable/c/0ab52a8ca6e156a64c51b5e7456cac9a0ebfd9bf\n3. https://git.kernel.org/stable/c/b02e70be498b138e9c21701c2f33f4018ca7cd5e\n4. https://git.kernel.org/stable/c/b3af60928ab9129befa65e6df0310d27300942bf\n5. https://git.kernel.org/stable/c/cccd51dd22574216e64e5d205489e634f86999f3\n6. https://git.kernel.org/stable/c/d0a3b3d1176d39218b8edb2a2d03164942ab9ccd", "creation_timestamp": "2025-01-31T13:14:55.000000Z"}, {"uuid": "462cad22-dd75-449d-b522-d77574aa56f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21683", "type": "seen", "source": "https://t.me/cvedetector/16939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21683 - Linux Kernel bpf SO_ATTACH_REUSEPORT_EBPF Memory Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21683 \nPublished : Jan. 31, 2025, 12:15 p.m. | 1\u00a0hour, 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbpf: Fix bpf_sk_select_reuseport() memory leak  \n  \nAs pointed out in the original comment, lookup in sockmap can return a TCP  \nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF  \nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb  \ndoes not imply a non-refcounted socket.  \n  \nDrop sk's reference in both error paths.  \n  \nunreferenced object 0xffff888101911800 (size 2048):  \n  comm \"test_progs\", pid 44109, jiffies 4297131437  \n  hex dump (first 32 bytes):  \n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................  \n    80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00  ................  \n  backtrace (crc 9336483b):  \n    __kmalloc_noprof+0x3bf/0x560  \n    __reuseport_alloc+0x1d/0x40  \n    reuseport_alloc+0xca/0x150  \n    reuseport_attach_prog+0x87/0x140  \n    sk_reuseport_attach_bpf+0xc8/0x100  \n    sk_setsockopt+0x1181/0x1990  \n    do_sock_setsockopt+0x12b/0x160  \n    __sys_setsockopt+0x7b/0xc0  \n    __x64_sys_setsockopt+0x1b/0x30  \n    do_syscall_64+0x93/0x180  \n    entry_SYSCALL_64_after_hwframe+0x76/0x7e \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T15:22:35.000000Z"}, {"uuid": "575ade45-ada1-4508-b590-d070e012b9ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21683", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzy47kwa72w", "content": "", "creation_timestamp": "2025-01-31T12:16:49.843681Z"}]}