CVE-2025-68728Linux vulnerability

40 documents8 sources
Severity
7.8HIGHOSV
OSV7.2
No vector
EPSS
0.1%
top 83.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
LinuxLinux KernelDebian Linux+10 more
Timeline
PublishedDec 24
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the buffer uptodate before setting it as uptodate. If the buffer were to not be uptodate, it could mean adding a buffer with un-init data to the mi record. Attempting to load that record will trigger KMSAN. Avoid this by se

Affected Packages15 packages

Linuxlinux/linux_kernel5.15.05.15.198+5
Debianlinux/linux_kernel< 6.1.162-1+2
Ubuntulinux/linux_kernel< 5.15.0-173.183+1

🔴Vulnerability Details

16
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23

📋Vendor Advisories

22
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13

🕵️Threat Intelligence

1
Wiz
CVE-2025-68728 Impact, Exploitability, and Mitigation Steps | Wiz