-

CVE-2025-68288

EPSS 0.06%
Veröffentlicht 16.12.2025 15:06:09
Zuletzt bearbeitet 18.12.2025 15:08:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

usb: storage: Fix memory leak in USB bulk transport

A kernel memory leak was identified by the 'ioctl_sg01' test from Linux
Test Project (LTP). The following bytes were mainly observed: 0x53425355.

When USB storage devices incorrectly skip the data phase with status data,
the code extracts/validates the CSW from the sg buffer, but fails to clear
it afterwards. This leaves status protocol data in srb's transfer buffer,
such as the US_BULK_CS_SIGN 'USBS' signature observed here. Thus, this can
lead to USB protocols leaks to user space through SCSI generic (/dev/sg*)
interfaces, such as the one seen here when the LTP test requested 512 KiB.

Fix the leak by zeroing the CSW data in srb's transfer buffer immediately
after the validation of devices that skip data phase.

Note: Differently from CVE-2018-1000204, which fixed a big leak by zero-
ing pages at allocation time, this leak occurs after allocation, when USB
protocol data is written to already-allocated sg pages.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 83f0241959831586d9b6d47f6bd5d3dec8f43bf0

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < 4ba515dfff7eeca369ab85cdbb3f3b231c71720c

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < 467fec3cefbeb9e3ea80f457da9a5666a71ca0d0

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < cb1401b5bcc2feb5b038fc4b512e5968b016e05e

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < 0f18eac44c5668204bf6eebb01ddb369ac56932b

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < 5b815ddb3f5560fac35b16de3a2a22d5f81c5993

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version < 41e99fe2005182139b1058db71f0d241f8f0078c

Version a45b599ad808c3c982fdcdc12b0b8611c2f92824

Status affected

Version 582802e7c617cfb07cc15f280c128e6decbc57b8

Status affected

Version 58b7ce6f9ef2367f86384b20458642945993b816

Status affected

Version 93314640426ddb6af618d0802e622f6fa771792c

Status affected

Version ad2518320bc440ed3db072e2444a1bb226a9cf7a

Status affected

Version d827bea2d18c07ba514f7d48cde49f90da9a1384

Status affected

Version 39169410574503c6e901de1aa6eac5108475e017

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.17

Status affected

Version < 4.17

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.119

Status unaffected

Version <= 6.12.*

Version 6.12.61

Status unaffected

Version <= 6.17.*

Version 6.17.11

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.191

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/83f0241959831586d9b6d47f6bd5d3dec8f43bf0

https://git.kernel.org/stable/c/4ba515dfff7eeca369ab85cdbb3f3b231c71720c

https://git.kernel.org/stable/c/467fec3cefbeb9e3ea80f457da9a5666a71ca0d0

https://git.kernel.org/stable/c/cb1401b5bcc2feb5b038fc4b512e5968b016e05e

https://git.kernel.org/stable/c/0f18eac44c5668204bf6eebb01ddb369ac56932b

https://git.kernel.org/stable/c/5b815ddb3f5560fac35b16de3a2a22d5f81c5993

https://git.kernel.org/stable/c/41e99fe2005182139b1058db71f0d241f8f0078c

https://nvd.nist.gov/vuln/detail/CVE-2025-68288

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68288

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68288

EUVD