AZL-74336 CVE-2025-68785 affecting package kernel for versions less than 6.6.121.1-1

🗓️ 13 Jan 2026 16:15:58Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Fixed validation in push_nsh() of net: openvswitch to avoid memory errors from malformed middle attribute.

Reporter	Title	Published	Views	Family All 190
ATTACKERKB	CVE-2025-68785	13 Jan 202615:28	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1423)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1494)	30 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-113 (ALASKERNEL-5.10-2026-113)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-098 (ALASKERNEL-5.15-2026-098)	6 Mar 202600:00	–	nessus
Tenable Nessus	Debian dla-4475 : ata-modules-5.10.0-35-armmp-di - security update	11 Feb 202600:00	–	nessus
Tenable Nessus	Debian dla-4476 : linux-config-6.1 - security update	11 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6127 : affs-modules-6.1.0-37-4kc-malta-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20416-1)	29 Mar 202600:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-68785

21 Apr 2026 04:38Current

6.1Medium risk

Vulners AI Score6.1

EPSS0.0009

Linux kernel Open vSwitch Push nsh action Attribute validation Netlink attributes CVE 2025 68785