CVE-2025-68224Kernel vulnerability

7 documents6 sources
Severity
7.1HIGH
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelMsrc Azl3 Kernel 6.6.117.1-1 ON Azure Linux 3.0
Timeline
PublishedDec 16

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsi_host_busy() Commit 995412e23bb2 ("blk-mq: Replace tags->lock with SRCU for tag iterators") introduced the following regression: Call trace: __srcu_read_lock+0x30/0x80 (P) blk_mq_tagset_busy_iter+0x44/0x300 scsi_host_busy+0x38/0x70 ufshcd_print_host_state+0x34/0x1bc ufshcd_link_startup.constprop.0+0xe4/0x2e0 ufshcd_init+0x944/0xf80 ufshcd_pltfrm_init+0x504/0x820 ufs_rockchip_probe

Affected Packages3 packages

Linuxlinux/linux_kernel5.11.05.15.197+5
Debianlinux/linux_kernel< 5.10.247-1+1

🔴Vulnerability Details

3
GHSA
GHSA-5gm7-3j8q-f938: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsi_host_busy() Commit 995412e23bb2 (2025-12-16
OSV
CVE-2025-68224: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsi_host_busy() Commit 995412e23bb2 ("b2025-12-16
OSV
scsi: core: Fix a regression triggered by scsi_host_busy()2025-12-16

📋Vendor Advisories

2
Red Hat
kernel: scsi: core: Fix a regression triggered by scsi_host_busy()2025-12-16
Microsoft
scsi: core: Fix a regression triggered by scsi_host_busy()2025-12-09

🕵️Threat Intelligence

1
Wiz
CVE-2025-68224 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2025-68224 kernel: scsi: core: Fix a regression triggered by scsi_host_busy()2025-12-16