CVE-2025-68734
Memory Leak in Linux Kernel mISDN hfcsusb_probe() Fixed
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
| misdn | hfcsusb | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to the fixed version of the Linux kernel that resolves the memory leak in hfcsusb_probe() by properly freeing the allocated memory. Since this issue was identified and fixed in the kernel source, updating to the latest kernel version containing this fix is the recommended mitigation.
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's hfcsusb driver within the mISDN subsystem. Specifically, in the hfcsusb_probe() function, memory allocated for ctrl_urb is not freed if setup_instance() fails, leading to a memory leak. The fix involves freeing the allocated memory properly before freeing the hardware structure and restructuring error handling.
How can this vulnerability impact me? :
The memory leak can cause increased memory usage over time, potentially leading to reduced system performance or stability issues if the leaked memory accumulates, especially on systems using the affected driver.