CVE-2025-68229

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()

If the allocation of tl_hba->sh fails in tcm_loop_driver_probe() and we
attempt to dereference it in tcm_loop_tpg_address_show() we will get a
segfault, see below for an example. So, check tl_hba->sh before
dereferencing it.

  Unable to allocate struct scsi_host
  BUG: kernel NULL pointer dereference, address: 0000000000000194
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page
  PGD 0 P4D 0
  Oops: 0000 [#1] PREEMPT SMP NOPTI
  CPU: 1 PID: 8356 Comm: tokio-runtime-w Not tainted 6.6.104.2-4.azl3 #1
  Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 09/28/2024
  RIP: 0010:tcm_loop_tpg_address_show+0x2e/0x50 [tcm_loop]
...
  Call Trace:
   <TASK>
   configfs_read_iter+0x12d/0x1d0 [configfs]
   vfs_read+0x1b5/0x300
   ksys_read+0x6f/0xf0
...
Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected

  Version                                   Less than (<)                             Status
  2628b352c3d4905adf8129ea50900bd980b6ccef  63f511d3855f7f4b35dd63dbc58fc3d935a81268  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  3d8c517f6eb27e47b1a198e05f8023038329b40b  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  f449a1edd7a13bb025aaf9342ea6f8bf92684bbf  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  1c9ba455b5073253ceaadae4859546e38e8261fe  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  a6ef60898ddaf1414592ce3e5b0d94276d631663  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  72e8831079266749a7023618a0de2f289a9dced6  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  13aff3b8a7184281b134698704d6c06863a8361b  affected
  2628b352c3d4905adf8129ea50900bd980b6ccef  e6965188f84a7883e6a0d3448e86b0cf29b24dfc  affected

Vendor: Linux
Product: Linux
Default status: affected

  Version    Range bound   Status
  4.5        -             affected
  0          < 4.5         unaffected
  5.4.302    <= 5.4.*      unaffected
  5.10.247   <= 5.10.*     unaffected
  5.15.197   <= 5.15.*     unaffected
  6.1.159    <= 6.1.*      unaffected
  6.6.118    <= 6.6.*      unaffected
  6.12.60    <= 6.12.*     unaffected
  6.17.10    <= 6.17.*     unaffected
  6.18       <= *          unaffected
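
The version table above can be turned into a quick triage check for a host's `uname -r` output. This is an added example, not code from the CVE record or the kernel project; the function names are hypothetical, and it assumes upstream-style version numbering, so a vendor kernel that backported the fix under an older number will still be reported as affected.

```python
import re

# Fixed release per stable branch, copied from the version table above.
FIXED_PATCH = {
    (5, 4): 302, (5, 10): 247, (5, 15): 197, (6, 1): 159,
    (6, 6): 118, (6, 12): 60, (6, 17): 10,
}
INTRODUCED = (4, 5)       # first affected release per the table
FIXED_MAINLINE = (6, 18)  # this release and everything later is unaffected


def parse_release(release):
    """Return (major, minor, patch) from a `uname -r` style string.

    Vendor suffixes such as ".2-4.azl3" are ignored, and pre-release
    tags (-rcN) are not distinguished from the final release.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def triage(release):
    """Return (status, upgrade_target) for CVE-2025-68229.

    upgrade_target is None when unaffected; otherwise it is the first
    unaffected release the table lists for that branch, or the mainline
    fix version when the branch has no fixed release of its own.
    """
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    if branch < INTRODUCED or branch >= FIXED_MAINLINE:
        return "unaffected", None
    fixed = FIXED_PATCH.get(branch)
    if fixed is None:
        # Branch has no entry in the table: default status is affected.
        return "affected", "%d.%d" % FIXED_MAINLINE
    if patch >= fixed:
        return "unaffected", None
    return "affected", "%d.%d.%d" % (major, minor, fixed)


if __name__ == "__main__":
    # Release string taken from the oops trace quoted in the description.
    print(triage("6.6.104.2-4.azl3"))
```
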
No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics

  Type   Source      Score   Percentile
  EPSS   FIRST.org   0.06%   0.191

CVSS metrics

  Source   Base Score   Exploit Score   Impact Score   Vector String

No CWE information has been published yet.