CVE-2025-21857
CVE-2025-21857 affects the Linux kernel net/sched code (cls_api). The root cause is error handling in tcf_exts_miss_cookie_base_alloc() calling xa_alloc_cyclic() that can return 1 (wraps successfully), which is treated as an error by tcf_exts_init_ex() and causes exts to be NULL. fl_change() the...