CVE-2025-68734 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime49 documents7 sources

Severity

7.8HIGHOSV

OSV3.2

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedDec 24

Latest updateApr 13

Description

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() In hfcsusb_probe(), the memory allocated for ctrl_urb gets leaked when setup_instance() fails with an error code. Fix that by freeing the urb before freeing the hw structure. Also change the error paths to use the goto ladder style. Compile tested only. Issue found using a prototype static analysis tool.

Affected Packages6 packages

▶Linuxlinux/linux_kernel2.6.29 — 5.4.302+6

▶Debianlinux/linux_kernel< 5.10.247-1+3

▶Ubuntulinux/linux_kernel< 5.15.0-173.183+2

▶CVEListV5linux/linux69f52adb2d534afc41fcc658f155e01f0b322f9e — 475032fa2bb82ffb592c321885e917e39f47357f+8

▶debiandebian/linux< linux 6.1.159-1 (bookworm)

🔴Vulnerability Details

OSV

linux-raspi vulnerabilities↗2026-04-01

▶

OSV

linux-raspi, linux-raspi-realtime vulnerabilities↗2026-04-01

▶

OSV

linux-azure-6.8 vulnerabilities↗2026-03-25

▶

OSV

linux-azure vulnerabilities↗2026-03-25

▶

OSV

linux-intel-iot-realtime vulnerabilities↗2026-03-23

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-04-13

▶

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-04-09

▶

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-04-09

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2026-04-01

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2026-04-01

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68734 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶