VDB

DEBIAN-CVE-2025-68799

DEBIAN-CVE-2025-68799 PUBLISHED CVSS 8.8 HIGH

In the Linux kernel, the following vulnerability has been resolved:

caif: fix integer underflow in cffrml_receive()

The cffrml_receive() function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len >= 2. If an attacker sends a malicious packet with a length field of 0 or 1 to an interface with FCS disabled, the subtraction causes an integer underflow. This can lead to memory exhaustion and kernel instability, and to potential information disclosure if the padding contains uninitialized kernel memory.

Fix this by validating that len >= 2 before performing the subtraction.
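The length handling the description above refers to, as an added user-space model that is not code from the kernel, from the fix, or from this database. The struct, the helper names (frml_read_len, frml_payload_len_vulnerable, frml_payload_len_fixed, frml_padding_needed), the little-endian header layout and the frames are assumptions made for the example; what it keeps from the advisory is a 16-bit unsigned length read from the header, 2 subtracted when FCS is disabled, and the len >= 2 check that the fix adds before the subtraction.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed user-space model of the length handling in the CAIF framing
 * layer's cffrml_receive() (net/caif/cffrml.c). The struct, helper names
 * and frames below are assumptions made for this example; they are not the
 * kernel's code. What follows the advisory: a 16-bit length field is read
 * from the packet header, and when FCS is disabled 2 is subtracted from it.
 */

#define FRML_FCS_LEN 2U           /* size of the trailing frame check sequence */

struct frml_layer {
    bool dofcs;                   /* true if frames on this layer carry an FCS */
};

/* Assumed little-endian 16-bit length field at the start of the frame. */
static uint16_t frml_read_len(const uint8_t *frame)
{
    return (uint16_t)(frame[0] | (frame[1] << 8));
}

/*
 * The unchecked pattern the advisory describes. len is a 16-bit unsigned
 * value, so for a header length of 0 or 1 the subtraction wraps to 65534
 * or 65535 instead of going negative.
 */
uint16_t frml_payload_len_vulnerable(const struct frml_layer *l,
                                     const uint8_t *frame)
{
    uint16_t len = frml_read_len(frame);

    if (!l->dofcs)
        len -= FRML_FCS_LEN;      /* no len >= 2 check: underflows */

    return len;
}

/*
 * Form of the fix: validate len >= 2 before subtracting and reject the
 * frame otherwise. Returns -1 for a rejected frame, else the payload length.
 */
int frml_payload_len_fixed(const struct frml_layer *l, const uint8_t *frame)
{
    uint16_t len = frml_read_len(frame);

    if (!l->dofcs) {
        if (len < FRML_FCS_LEN)
            return -1;
        len -= FRML_FCS_LEN;
    }
    return len;
}

/*
 * Stand-in for "set the packet length to len": if the claimed length exceeds
 * the bytes actually received after the header, the packet would have to be
 * grown by that many bytes. That growth is the memory cost the advisory
 * mentions, and any grown bytes left uncleared are the potential disclosure.
 */
size_t frml_padding_needed(size_t received_payload, unsigned claimed_len)
{
    return claimed_len > received_payload ? claimed_len - received_payload : 0;
}

/* Constructed frames: header only, no payload bytes follow. */
const uint8_t FRML_FRAME_LEN0[2] = { 0x00, 0x00 };
const uint8_t FRML_FRAME_LEN1[2] = { 0x01, 0x00 };
/* Constructed well-formed frame: header says 5, five payload bytes follow. */
const uint8_t FRML_FRAME_LEN5[7] = { 0x05, 0x00, 'a', 'b', 'c', 'd', 'e' };

const struct frml_layer FRML_NO_FCS = { .dofcs = false };
const struct frml_layer FRML_FCS    = { .dofcs = true };

int main(void)
{
    uint16_t bad = frml_payload_len_vulnerable(&FRML_NO_FCS, FRML_FRAME_LEN0);
    int good = frml_payload_len_fixed(&FRML_NO_FCS, FRML_FRAME_LEN0);

    printf("header len 0, FCS off: unchecked -> %u (would grow packet by %zu bytes), "
           "checked -> %d\n",
           bad, frml_padding_needed(0, bad), good);
    printf("header len 5, FCS off: checked -> %d\n",
           frml_payload_len_fixed(&FRML_NO_FCS, FRML_FRAME_LEN5));
    return 0;
}
```

With FCS disabled, a two-byte frame whose header says 0 yields a payload length of 65534 on the unchecked path, so a consumer that trusts it would grow a packet that carried no payload at all by that many bytes; the checked path rejects the same frame, and both paths agree on well-formed input.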

Risk Scores

CVSS 4.0
8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor     Product    Versions
Debian:14  linux      6.12.41-1, 6.16-1~exp1, 6.16.1-1~exp1
Debian:11  linux-6.1  *, 6.1.159-1, 6.1.158-1
Debian:12  linux      6.1.115-1, 0, 6.1.106-2
Debian:13  linux      0, 6.12.69-1, 6.12.63-1
Debian:11  linux      5.10.218-1, 5.10.221-1, 5.10.223-1

Exploit Intelligence

Timeline

  • Jan 13, 2026 CVE Published
  • Apr 28, 2026 CVE Updated