cve 2025 21961

CVE-2025-21961 is a critical memory-accounting bug in the Broadcom/NetXtreme-E (bnxt) Ethernet driver's XDP-to-SKB conversion path. The vulnerability stems from a truesize miscalculation in the bnxt XDP-MB pass case, leading to skb memory-accounting errors and kernel OOPS conditions. This can cause kernel crashes and service outages. Vendors have released kernel updates to correct the logic. Discussions on WindowsForum.com cover the technical details of the bug, its impact on systems using bnxt drivers, and the available patches. The tag is relevant for IT professionals and system administrators managing Linux networking stacks with Broadcom hardware.