CVE-2025-68319Linux vulnerability

17 documents8 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 16
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire su_mutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cg_children list and concurrent add/remove of userdata items through configfs. The update_userdata() function iterates over the nt->userdata_group.cg_children list, and count_extradata_entries() also iterates over this same list to count nodes. Quoting from Documentation/filesystems/configfs.rst:

Affected Packages5 packages

Linuxlinux/linux_kernel6.9.06.17.8
Debianlinux/linux_kernel< 6.17.8-1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linuxdf03f830d099f0811281a222aefdd9d400fa0b72ff70aa7e8cf05745fdba7258952a8bedf33ea336+2
debiandebian/linux< linux 6.17.8-1 (forky)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

6
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: netconsole: Acquire su_mutex before navigating configs hierarchy2025-12-16

🕵️Threat Intelligence

1
Wiz
CVE-2025-68319 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2025-68319 kernel: netconsole: Acquire su_mutex before navigating configs hierarchy2025-12-16