CVE-2025-68182 — Signal Handler Race Condition in Linux

CWE-364 — Signal Handler Race Condition16 documents7 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 16

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link() This code frees "link" by calling kfree_rcu(link, rcu_head) and then it dereferences "link" to get the "link->fw_id". Save the "link->fw_id" first to avoid a potential use after free.

Affected Packages5 packages

▶Linuxlinux/linux_kernel6.15.0 — 6.17.8

▶Debianlinux/linux_kernel< 6.17.8-1

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶CVEListV5linux/linuxd1e879ec600f9b3bdd253167533959facfefb17b — 5b4a239c9f94e1606435f1842fc6fd426d607dbb+2

▶debiandebian/linux< linux 6.17.8-1 (forky)

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Red Hat

kernel: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link()↗2025-12-16

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68182 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶