-

CVE-2025-68312

EPSS 0.04%
Veröffentlicht 16.12.2025 15:39:43
Zuletzt bearbeitet 18.12.2025 15:08:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

usbnet: Prevents free active kevent

The root cause of this issue are:
1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0);
put the kevent work in global workqueue. However, the kevent has not yet
been scheduled when the usbnet device is unregistered. Therefore, executing
free_netdev() results in the "free active object (kevent)" error reported
here.

2. Another factor is that when calling usbnet_disconnect()->unregister_netdev(),
if the usbnet device is up, ndo_stop() is executed to cancel the kevent.
However, because the device is not up, ndo_stop() is not executed.

The solution to this problem is to cancel the kevent before executing
free_netdev().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 285d4b953f2ca03c358f986718dd89ee9bde632e

Version 8b4588b8b00b299be16a35be67b331d8fdba03f3

Status affected

Version < 88a38b135d69f5db9024ff6527232f1b51be8915

Version 135199a2edd459d2b123144efcd7f9bcd95128e4

Status affected

Version < 43005002b60ef3424719ecda16d124714b45da3b

Version 635fd8953e4309b54ca6a81bed1d4a87668694f4

Status affected

Version < 3a10619fdefd3051aeb14860e4d4335529b4e94d

Version a69e617e533edddf3fa3123149900f36e0a6dc74

Status affected

Version < 9a579d6a39513069d298eee70770bbac8a148565

Version a69e617e533edddf3fa3123149900f36e0a6dc74

Status affected

Version < 2ce1de32e05445d77fc056f6ff8339cfb78a5f84

Version a69e617e533edddf3fa3123149900f36e0a6dc74

Status affected

Version < 5158fb8da162e3982940f30cd01ed77bdf42c6fc

Version a69e617e533edddf3fa3123149900f36e0a6dc74

Status affected

Version < 420c84c330d1688b8c764479e5738bbdbf0a33de

Version a69e617e533edddf3fa3123149900f36e0a6dc74

Status affected

Version d2d6b530d89b0a912148018027386aa049f0a309

Status affected

Version e2a521a7dcc463c5017b4426ca0804e151faeff7

Status affected

Version 7f77dcbc030c2faa6d8e8a594985eeb34018409e

Status affected

Version d49bb8cf9bfaa06aa527eb30f1a52a071da2e32f

Status affected

Version db3b738ae5f726204876f4303c49cfdf4311403f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version < 6.0

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.302

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.117

Status unaffected

Version <= 6.12.*

Version 6.12.58

Status unaffected

Version <= 6.17.*

Version 6.17.8

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.098

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/285d4b953f2ca03c358f986718dd89ee9bde632e

https://git.kernel.org/stable/c/88a38b135d69f5db9024ff6527232f1b51be8915

https://git.kernel.org/stable/c/43005002b60ef3424719ecda16d124714b45da3b

https://git.kernel.org/stable/c/3a10619fdefd3051aeb14860e4d4335529b4e94d

https://git.kernel.org/stable/c/9a579d6a39513069d298eee70770bbac8a148565

https://git.kernel.org/stable/c/2ce1de32e05445d77fc056f6ff8339cfb78a5f84

https://git.kernel.org/stable/c/5158fb8da162e3982940f30cd01ed77bdf42c6fc

https://git.kernel.org/stable/c/420c84c330d1688b8c764479e5738bbdbf0a33de

https://nvd.nist.gov/vuln/detail/CVE-2025-68312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68312

EUVD