CVE-2025-68326
Unknown Unknown - Not Provided

Null Pointer Dereference in Linux drm/xe GUC Stack_Depot Usage

Vulnerability report for CVE-2025-68326, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-22

Last updated on: 2025-12-22

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stack_depot_init() call when CONFIG_DRM_XE_DEBUG_GUC is enabled to fix the following call stack: [] BUG: kernel NULL pointer dereference, address: 0000000000000000 [] Workqueue: drm_sched_run_job_work [gpu_sched] [] RIP: 0010:stack_depot_save_flags+0x172/0x870 [] Call Trace: [] <TASK> [] fast_req_track+0x58/0xb0 [xe] (cherry picked from commit 64fdf496a6929a0a194387d2bb5efaf5da2b542f)

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-22
Last Modified
2025-12-22
Generated
2026-07-06
AI Q&A
2025-12-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a bug in the Linux kernel's drm/xe/guc component related to the stack_depot usage. Specifically, when the CONFIG_DRM_XE_DEBUG_GUC option is enabled, a missing initialization call to stack_depot_init() causes a NULL pointer dereference in the kernel, leading to a crash (BUG). This occurs during GPU scheduling workqueue operations, resulting in a kernel panic or instability.

Impact Analysis

This vulnerability can cause the Linux kernel to crash due to a NULL pointer dereference when certain GPU debug features are enabled. This can lead to system instability, unexpected reboots, or denial of service conditions on affected systems running the vulnerable kernel with the specific debug configuration enabled.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart