CVE-2025-68326
Unknown Unknown - Not Provided
Null Pointer Dereference in Linux drm/xe GUC Stack_Depot Usage

Publication date: 2025-12-22

Last updated on: 2025-12-22

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stack_depot_init() call when CONFIG_DRM_XE_DEBUG_GUC is enabled to fix the following call stack: [] BUG: kernel NULL pointer dereference, address: 0000000000000000 [] Workqueue: drm_sched_run_job_work [gpu_sched] [] RIP: 0010:stack_depot_save_flags+0x172/0x870 [] Call Trace: [] <TASK> [] fast_req_track+0x58/0xb0 [xe] (cherry picked from commit 64fdf496a6929a0a194387d2bb5efaf5da2b542f)
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-22
Last Modified
2025-12-22
Generated
2026-06-16
AI Q&A
2025-12-23
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68326
EUVD
EUVD-2025-204733
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a bug in the Linux kernel's drm/xe/guc component related to the stack_depot usage. Specifically, when the CONFIG_DRM_XE_DEBUG_GUC option is enabled, a missing initialization call to stack_depot_init() causes a NULL pointer dereference in the kernel, leading to a crash (BUG). This occurs during GPU scheduling workqueue operations, resulting in a kernel panic or instability.

Impact Analysis

This vulnerability can cause the Linux kernel to crash due to a NULL pointer dereference when certain GPU debug features are enabled. This can lead to system instability, unexpected reboots, or denial of service conditions on affected systems running the vulnerable kernel with the specific debug configuration enabled.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart