CVE-2025-68744
Published Dec 24, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory referenced by BPF_KPTR_{REF,PERCPU} fields to be held until the map gets freed. Fix this by calling 'bpf_obj_free_fields()' after 'copy_map_value[,_long]()' in 'pcpu_copy_value()'.
Is your site exposed to CVE-2025-68744?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/3bf1378747e251571e0de15e7e0a6bf2919044e7
https://git.kernel.org/stable/c/4a03d69cece145e4fb527464be29c3806aa3221e
https://git.kernel.org/stable/c/6af6e49a76c9af7d42eb923703e7648cb2bf401a
https://git.kernel.org/stable/c/96a5cb7072cabbac5c66ac9318242c3bdceebb68
https://git.kernel.org/stable/c/994d6303ed0b84cbc795bb5becf7ed6de40d3f3c
Frequently Asked Questions
What is CVE-2025-68744? +
In the Linux kernel, the following vulnerability has been resolved:
bpf: Free special fields when update [lru_,]percpu_hash maps
As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing
calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the
memory referenced by BPF_KPTR_{REF,PERCPU} fields to be held until the
map gets freed.
Fix this by calling 'bpf_obj_free_fields()' after
'copy_map_value[,_long]()' in 'pcpu_copy_value()'.
How do I check if I'm vulnerable to CVE-2025-68744? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.