CVE-2025-68314
BaseFortify
Publication date: 2025-12-16
Last updated on: 2025-12-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's drm/msm component involves the improper updating of the last_fence variable. The last_fence is used to wait for work to finish in vm_bind contexts but was not updated correctly, leading to a situation where resources could be freed while still in use. The fix ensures that last_fence is always updated in the vm-bind path, preventing faults caused by freeing resources prematurely.
How can this vulnerability impact me? :
This vulnerability can cause faults in the system because resources may be freed while they are still in use. This can lead to system instability, crashes, or unexpected behavior when the drm/msm component is involved.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that updates last_fence in the vm-bind path as provided in the Linux kernel update to ensure last_fence is always updated, preventing faults due to resources being freed while still in use.