CVE-2025-68228Linux vulnerability

20 documents8 sources
Severity
7.2HIGHOSV
No vector
EPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 16
Latest updateApr 6

Description

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix create_in_format_blob() return value create_in_format_blob() is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL returned. Return proper error values in the failure cases.

Affected Packages5 packages

Linuxlinux/linux_kernel6.16.06.17.10
Debianlinux/linux_kernel< 6.17.10-1
Ubuntulinux/linux_kernel< 6.17.0-19.19
CVEListV5linux/linux0d6dcd741c266389bbf0a8758f537b3a171ac32a860f93f4fce1e733b8a2474f6bfa153243d775f3+2
debiandebian/linux< linux 6.17.10-1 (forky)

🔴Vulnerability Details

9
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-realtime-6.17 vulnerabilities2026-03-23
OSV
linux-gcp-6.17, linux-realtime vulnerabilities2026-03-17

📋Vendor Advisories

8
Ubuntu
Linux kernel (OEM) vulnerabilities2026-04-06
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-03-23
Ubuntu
Linux kernel vulnerabilities2026-03-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-68228 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2025-68228 kernel: drm/plane: Fix create_in_format_blob() return value2025-12-16