-

CVE-2025-68808

EPSS 0.03%
Veröffentlicht 13.01.2026 15:29:15
Zuletzt bearbeitet 19.01.2026 13:16:14
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

media: vidtv: initialize local pointers upon transfer of memory ownership

vidtv_channel_si_init() creates a temporary list (program, service, event)
and ownership of the memory itself is transferred to the PAT/SDT/EIT
tables through vidtv_psi_pat_program_assign(),
vidtv_psi_sdt_service_assign(), vidtv_psi_eit_event_assign().

The problem here is that the local pointer where the memory ownership
transfer was completed is not initialized to NULL. This causes the
vidtv_psi_pmt_create_sec_for_each_pat_entry() function to fail, and
in the flow that jumps to free_eit, the memory that was freed by
vidtv_psi_*_table_destroy() can be accessed again by
vidtv_psi_*_event_destroy() due to the uninitialized local pointer, so it
is freed once again.

Therefore, to prevent use-after-free and double-free vulnerability,
local pointers must be initialized to NULL when transferring memory
ownership.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c342e294dac4988c8ada759b2f057246e48c5108

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < 12ab6ebb37789b84073e83e4d9b14a5e0d133323

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < 3caa18d35f1dabe85a3dd31bc387f391ac9f9b4e

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < fb9bd6d8d314b748e946ed6555eb4a956ee8c4d8

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < a69c7fd603bf5ad93177394fbd9711922ee81032

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < 30f4d4e5224a9e44e9ceb3956489462319d804ce

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

Version < 98aabfe2d79f74613abc2b0b1cef08f97eaf5322

Version 3be8037960bccd13052cfdeba8805ad785041d70

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.10

Status affected

Version < 5.10

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/3caa18d35f1dabe85a3dd31bc387f391ac9f9b4e

https://git.kernel.org/stable/c/fb9bd6d8d314b748e946ed6555eb4a956ee8c4d8

https://git.kernel.org/stable/c/a69c7fd603bf5ad93177394fbd9711922ee81032

https://git.kernel.org/stable/c/30f4d4e5224a9e44e9ceb3956489462319d804ce

https://git.kernel.org/stable/c/98aabfe2d79f74613abc2b0b1cef08f97eaf5322

https://git.kernel.org/stable/c/12ab6ebb37789b84073e83e4d9b14a5e0d133323

https://git.kernel.org/stable/c/c342e294dac4988c8ada759b2f057246e48c5108

https://nvd.nist.gov/vuln/detail/CVE-2025-68808

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68808

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68808

EUVD