CVE-2025-68234

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

16/12/2025

Last modified:

16/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/cmd_net: fix wrong argument types for skb_queue_splice() If timestamp retriving needs to be retried and the local list of SKB&#39;s already has entries, then it&#39;s spliced back into the socket queue. However, the arguments for the splice helper are transposed, causing exactly the wrong direction of splicing into the on-stack list. Fix that up.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/46447367a52965e9d35f112f5b26fc8ff8ec443d
https://git.kernel.org/stable/c/c85d2cfc5e24e6866b56c7253fd4e1c7db35986c