CVE-2025-68731Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array() warn: potential user controlled sizeof overflow 'args->num_element * args->element_size' '1-u32max(user) * 1-u32max(user)' Even this will not cause a real issue, it is better to put a reasonable limitation for element_size and num_

Affected Packages3 packages

Linuxlinux/linux_kernel6.18.06.18.2
CVEListV5linux/linux2f509fe6a42cda845890273fe759fb7ba9edad97359653edd5374fbba28f93043554dcc494aee85f+2
debiandebian/linux

🔴Vulnerability Details

3
GHSA
GHSA-xqwg-jrcf-r9xg: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpu2025-12-24
OSV
CVE-2025-68731: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpubl2025-12-24
OSV
accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array()2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array()2025-12-24
Debian
CVE-2025-68731: linux - In the Linux kernel, the following vulnerability has been resolved: accel/amdxd...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-68731 Impact, Exploitability, and Mitigation Steps | Wiz