-

CVE-2025-68290

EPSS 0.06%
Veröffentlicht 16.12.2025 15:06:11
Zuletzt bearbeitet 18.12.2025 15:08:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

most: usb: fix double free on late probe failure

The MOST subsystem has a non-standard registration function which frees
the interface on registration failures and on deregistration.

This unsurprisingly leads to bugs in the MOST drivers, and a couple of
recent changes turned a reference underflow and use-after-free in the
USB driver into several double free and a use-after-free on late probe
failures.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < a4c4118c2af284835b16431bbfe77e0130c06fef

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < 0dece48660be16918ecf2dbdc7193e8be03e1693

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < 993bfdc3842893c394de13c8200c338ebb979589

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < 2274767dc02b756b25e3db1e31c0ed47c2a78442

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < 8d8ffefe3d5d8b7b73efb866db61130107299c5c

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

Version < baadf2a5c26e802a46573eaad331b427b49aaa36

Version 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.6

Status affected

Version < 5.6

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.119

Status unaffected

Version <= 6.12.*

Version 6.12.61

Status unaffected

Version <= 6.17.*

Version 6.17.11

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.191

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154

https://git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fef

https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693

https://git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589

https://git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442

https://git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5c

https://git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36

https://nvd.nist.gov/vuln/detail/CVE-2025-68290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68290

EUVD