CVE-2025-68211Unchecked Input for Loop Condition in Linux

CWE-606Unchecked Input for Loop Condition22 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 90.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
15
LinuxLinux KernelDebian Linux+12 more
Timeline
PublishedDec 16
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Currently, scan_get_next_rmap_item() walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when scanning large virtual memory areas that contain mostly unmapped regions, causing ksmd to use large amount of cpu without deduplicating much pages. This patch replaces the per-address lookup with a range walk using walk

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages17 packages

NVDlinux/linux_kernel2.6.325.10.249+6
Debianlinux/linux_kernel< 5.10.249-1+3
Ubuntulinux/linux_kernel< 6.17.0-14.14

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

7
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

13
Ubuntu
Linux kernel (HWE) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16

🕵️Threat Intelligence

1
Wiz
CVE-2025-68211 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-68211 — Unchecked Input for Loop Condition | cvebase