fkie_nvd - fkie_cve-2025-68290

fkie_cve-2025-68290

Vulnerability from fkie_nvd

Published

2025-12-16 16:16

Modified

2025-12-18 15:08

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST drivers, and a couple of recent changes turned a reference underflow and use-after-free in the USB driver into several double free and a use-after-free on late probe failures.

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5c
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fef
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmost: usb: fix double free on late probe failure\n\nThe MOST subsystem has a non-standard registration function which frees\nthe interface on registration failures and on deregistration.\n\nThis unsurprisingly leads to bugs in the MOST drivers, and a couple of\nrecent changes turned a reference underflow and use-after-free in the\nUSB driver into several double free and a use-after-free on late probe\nfailures."
    }
  ],
  "id": "CVE-2025-68290",
  "lastModified": "2025-12-18T15:08:06.237",
  "metrics": {},
  "published": "2025-12-16T16:16:07.860",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fef"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2025-68290 (GCVE-0-2025-68290)

Vulnerability from cvelistv5

Published

2025-12-16 15:06

Modified

2025-12-16 15:06

Severity ?

Summary

References

URL

Tags

	https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154
	https://git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fef
	https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693
	https://git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589
	https://git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442
	https://git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5c
	https://git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36

Impacted products

Vendor

Product

Version

Linux

Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c
Version: 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Linux

Version: 5.6

Show details on NVD website