-

CVE-2025-68804

EPSS 0.03%
Veröffentlicht 13.01.2026 15:29:12
Zuletzt bearbeitet 19.01.2026 13:16:14
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver

After unbinding the driver, another kthread `cros_ec_console_log_work`
is still accessing the device, resulting an UAF and crash.

The driver doesn't unregister the EC device in .remove() which should
shutdown sub-devices synchronously.  Fix it.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 27037916db38e6b78a0242031d3b93d997b84020

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < e1da6e399df976dd04c7c73ec008bc81da368a95

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < 8dc1f5a85286290dbf04dd5951d020570f49779b

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < 393b8f9bedc7806acb9c47cefdbdb223b4b6164b

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < 4701493ba37654b3c38b526f6591cf0b02aa172f

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < 24a2062257bbdfc831de5ed21c27b04b5bdf2437

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

Version < 944edca81e7aea15f83cf9a13a6ab67f711e8abd

Version 26a14267aff218c60b89007fdb44ca392ba6122c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.3

Status affected

Version < 5.3

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/8dc1f5a85286290dbf04dd5951d020570f49779b

https://git.kernel.org/stable/c/393b8f9bedc7806acb9c47cefdbdb223b4b6164b

https://git.kernel.org/stable/c/4701493ba37654b3c38b526f6591cf0b02aa172f

https://git.kernel.org/stable/c/24a2062257bbdfc831de5ed21c27b04b5bdf2437

https://git.kernel.org/stable/c/944edca81e7aea15f83cf9a13a6ab67f711e8abd

https://git.kernel.org/stable/c/27037916db38e6b78a0242031d3b93d997b84020

https://git.kernel.org/stable/c/e1da6e399df976dd04c7c73ec008bc81da368a95

https://nvd.nist.gov/vuln/detail/CVE-2025-68804

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68804

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68804

EUVD