CVE-2025-68732Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference Count41 documents9 sources
Severity
7.8HIGHOSV
OSV7.2
No vector
EPSS
0.1%
top 83.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
LinuxLinux KernelDebian Linux+11 more
Timeline
PublishedDec 24
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no thread can acquire the syncpt_mutex after the refcount drops to zero but before syncpt_release acquires it. This prevents races where syncpoints could be allocated while still being cleaned up from a previous release. Remove

Affected Packages16 packages

Linuxlinux/linux_kernel5.13.05.15.198+5
Debianlinux/linux_kernel< 6.1.162-1+2
Ubuntulinux/linux_kernel< 5.15.0-173.183+1

🔴Vulnerability Details

16
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23

📋Vendor Advisories

22
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13

🕵️Threat Intelligence

1
Wiz
CVE-2025-68732 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2025-68732 kernel: Linux kernel: Denial of Service in GPU host1x due to race condition2025-12-24
CVE-2025-68732 — Improper Update of Reference Count | cvebase