CVE-2025-68353
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/12/2025
Last modified:
29/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

net: vxlan: prevent NULL deref in vxlan_xmit_one

Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in
vxlan_xmit_one, e.g. if the iface is brought down. This can lead to the
following NULL dereference:

  BUG: kernel NULL pointer dereference, address: 0000000000000010
  Oops: Oops: 0000 [#1] SMP NOPTI
  RIP: 0010:vxlan_xmit_one+0xbb3/0x1580
  Call Trace:
   vxlan_xmit+0x429/0x610
   dev_hard_start_xmit+0x55/0xa0
   __dev_queue_xmit+0x6d0/0x7f0
   ip_finish_output2+0x24b/0x590
   ip_output+0x63/0x110

Mentioned commits changed the code path in vxlan_xmit_one and as a side
effect the sock4/6 pointer validity checks in vxlan(6)_get_route were
lost. Fix this by adding back checks.

Since both commits being fixed were released in the same version (v6.7)
and are strongly related, bundle the fixes in a single commit.
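
A log-triage check for the crash signature quoted above, as an added example that is not part of the advisory or of the kernel commit. The function name, the search window and the sample log lines (including timestamps and `example_other_func`) are constructed for illustration.

```python
import re

# Signature from the Oops quoted in the advisory: a NULL-pointer BUG line
# followed, in the same report, by a RIP inside vxlan_xmit_one.
BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]{16})")
RIP_RE = re.compile(r"RIP: \d{4}:([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
WINDOW = 12  # assumption: the RIP line follows the BUG line within 12 lines


def find_vxlan_null_derefs(lines):
    """Return (line_no, fault_address) for each oops whose RIP is in vxlan_xmit_one."""
    hits = []
    pending = None  # [line_no, address, lines_left] for the latest BUG line
    for no, line in enumerate(lines, start=1):
        bug = BUG_RE.search(line)
        if bug:
            pending = [no, bug.group(1), WINDOW]
            continue
        if pending is None:
            continue
        rip = RIP_RE.search(line)
        if rip:
            # The first RIP after a BUG line settles that report either way.
            if rip.group(1) == "vxlan_xmit_one":
                hits.append((pending[0], pending[1]))
            pending = None
            continue
        pending[2] -= 1
        if pending[2] == 0:
            pending = None  # no RIP close enough; treat as a truncated report
    return hits


# Constructed sample: the advisory's trace with dmesg-style timestamps added,
# plus an unrelated NULL dereference that must not be reported.
SAMPLE_LOG = """\
[  100.900000] constructed: interface vxlan0 brought down
[  101.100002] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  101.100003] Oops: Oops: 0000 [#1] SMP NOPTI
[  101.100004] RIP: 0010:vxlan_xmit_one+0xbb3/0x1580
[  101.100005] Call Trace:
[  101.100006]  vxlan_xmit+0x429/0x610
[  250.000001] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  250.000002] RIP: 0010:example_other_func+0x10/0x40
""".splitlines()

if __name__ == "__main__":
    for line_no, addr in find_vxlan_null_derefs(SAMPLE_LOG):
        print(f"line {line_no}: NULL deref in vxlan_xmit_one, address {addr}")
```

The description places both fixed commits in v6.7, so a hit is most relevant on kernels from that version on that do not yet carry the fix.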



