-

CVE-2025-68290

EPSS 0.04%
Veröffentlicht 16.12.2025 15:06:11
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

most: usb: fix double free on late probe failure

In the Linux kernel, the following vulnerability has been resolved:

most: usb: fix double free on late probe failure

The MOST subsystem has a non-standard registration function which frees
the interface on registration failures and on deregistration.

This unsurprisingly leads to bugs in the MOST drivers, and a couple of
recent changes turned a reference underflow and use-after-free in the
USB driver into several double free and a use-after-free on late probe
failures.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

CNA 2 VulnDex Vulnerability Enrichment 9

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < 90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < a4c4118c2af284835b16431bbfe77e0130c06fef

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < 0dece48660be16918ecf2dbdc7193e8be03e1693

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < 993bfdc3842893c394de13c8200c338ebb979589

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < 2274767dc02b756b25e3db1e31c0ed47c2a78442

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < 8d8ffefe3d5d8b7b73efb866db61130107299c5c

Status affected

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Version < baadf2a5c26e802a46573eaad331b427b49aaa36

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.6

Status affected

Version 0

Version < 5.6

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.119

Status unaffected

Version <= 6.12.*

Version 6.12.61

Status unaffected

Version <= 6.17.*

Version 6.17.11

Status unaffected

Version <= *

Version 6.18

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.131

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154

https://git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fef

https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693

https://git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589

https://git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442

https://git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5c

https://git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36

https://nvd.nist.gov/vuln/detail/CVE-2025-68290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68290

EUVD