CVE-2025-68307 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime37 documents8 sources

Severity

7.2HIGHOSV

OSV3.2

No vector

EPSS

0.0%

top 89.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +2 more

Timeline

PublishedDec 16

Latest updateApr 9

Description

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and ultimately to a complete stop of the transmission. If the sending of a bulk URB fails do proper cleanup: - increase netdev stats - mark the echo_sbk as free - free the driver's context and do accoun…

Affected Packages7 packages

▶Linuxlinux/linux_kernel3.16.0 — 6.1.159+3

▶Debianlinux/linux_kernel< 6.1.159-1+2

▶Ubuntulinux/linux_kernel< 6.8.0-106.106+1

▶msrcmsrc/azl3_kernel_6.6.117.1-1_on_azure_linux_3.0

▶CVEListV5linux/linuxd08e973a77d128b25e01a08c34d89593fdf222da — f7a5560675bd85efaf16ab01a43053670ff2b000+5

🔴Vulnerability Details

OSV

linux-oem-6.17 vulnerabilities↗2026-04-06

▶

OSV

linux-raspi, linux-raspi-realtime vulnerabilities↗2026-04-01

▶

OSV

linux-raspi vulnerabilities↗2026-04-01

▶

OSV

linux-azure, linux-azure-6.17 vulnerabilities↗2026-03-25

▶

OSV

linux-azure-6.8 vulnerabilities↗2026-03-25

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-04-09

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-04-06

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2026-04-01

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2026-04-01

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68307 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶