GHSA-jmpj-vqww-cqc8 · 嚴重度: medium — In the Linux kernel, the following vulnerability has been resolved: team: Move team device type...
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of team_port_add Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device header_ops. In the case of the syzbot reproducer the gre0 device is already in state UP when it attempts to add it as a port device of team0, this fails but before that header_ops->create of team0 is changed from eth_header to ipgre_header in the call to team_dev_type_check_change. Later when we end up in ipgre_header() struct ip_tunnel* points to nonsense as the private data of the device still holds a struct team. Example sequence of iproute2 commands to reproduce the hang/BUG(): ip link add dev team0 type team ip link add dev gre0 type gre ip link set dev gre0 up ip link set dev gre0 master team0 ip link set dev team0 up ping -I team0 1.1.1.1 Move team_dev_type_check_change down where all other checks have passed as it changes the dev type with no way to restore it in case one of the checks that follow it fail. Also make sure to preserve the origial mtu assignment: - If port_dev is not the same type as dev, dev takes mtu from port_dev - If port_dev is the same type as dev, port_dev takes mtu from dev This is done by adding a conditional before the call to dev_set_mtu to prevent it from assigning port_dev->mtu = dev->mtu and instead letting team_dev_type_check_change assign dev->mtu = port_dev->mtu. The conditional is needed because the patch moves the call to team_dev_type_check_change past dev_set_mtu. Testing: - team device driver in-tree selftests - Add/remove various devices as slaves of team device - syzbot
結論預警: CVE-2025-68340 綜合評估為低風險(22.8/100):CVSS 技術影響為中級,利用機率偏低(EPSS 0.12%) 強制指令: 持續追蹤利用情報與 EPSS 變化,並適時複評優先級。
風險隨態勢動態變化;本站持續評估並同步更新本頁展示內容。
EPSS 日更估計相對被利用可能性;百分位表示該 CVE 在已評分漏洞中的相對排名(越高表示相對更嚴重)。
| # | 日期 | 舊 EPSS 分數 | 新 EPSS 分數 | 變化(新 − 舊) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.02% | 0.12% | +0.10% |
| 2 | 2026-02-27 | 0.05% | 0.02% | -0.03% |
| 3 | 2026-02-18 | — | 0.05% | — |
完整 EPSS 歷史 (共 4 筆)
該 CVE 的 CVSS 指標。
| 底座分 | 版本 | 嚴重度 | 向量 | 可利用性 | 影響 | 分數來源 |
|---|---|---|---|---|---|---|
| 5.5 | 3.1 | MEDIUM |
|
1.8 | 3.6 | [email protected] |
GHSA-jmpj-vqww-cqc8 · 嚴重度: medium — In the Linux kernel, the following vulnerability has been resolved: team: Move team device type...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2025-68340 not yet assigned priority: Debian including 2 source packages (linux, linux-6.1), 6 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 6. | https://security-tracker.debian.org/tracker/CVE-2025-68340 |
redhat
|
medium | — | https://access.redhat.com/security/cve/CVE-2025-68340 |
suse
|
medium | CVE-2025-68340 severity moderate: SUSE including 408 source package names (13.2-9.1:libsystemd0-254.23-1.1, 13.2-9.1:libudev1-254.23-1.1, …), 761 product×package rows across 121 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Container suse/sl-micro/6.0/base-os-container, … (121 product lines)): Fixed 499, Known Affected 231, First Fixed 25, Known Not Affected 6. | https://www.suse.com/security/cve/CVE-2025-68340/ |
ubuntu
|
medium | CVE-2025-68340 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1405 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1010, ignored 183, released 147, needed 51, pending 13, not-affected 1. | https://ubuntu.com/security/CVE-2025-68340 |
| 廠商 | 產品 | 版本 | 原始 CPE |
|---|---|---|---|
| linux | linux_kernel | >= 3.7, < 5.10.259 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 5.15.199 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 6.1.162 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 6.6.123 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 6.12.61 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 6.17.11 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 3.7, < 6.18 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |