CVE-2025-68773 (Linux vulnerability)

14 documents, 7 sources

Severity: 6.4 MEDIUM (No vector)
EPSS: 0.1% (top 83.55%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 13; Latest update Apr 17

Description

In the Linux kernel, the following vulnerability has been resolved:

spi: fsl-cpm: Check length parity before switching to 16 bit mode

Commit fc96ec826bce ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size") failed to make sure that the size is really even before switching to 16 bit mode. Until recently the problem went unnoticed because kernfs uses a pre-allocated bounce buffer of size PAGE_SIZE for reading EEPROM.

But commit 8ad6249c51d0 ("eeprom: at25: convert to spi-mem API

Affected Packages (15 packages)

Linux | linux/linux_kernel | 5.11.0 | 5.15.198 | +5
Debian | linux/linux_kernel | < 5.10.249-1 | +3
CVEListV5 | linux/linux | 60afe299bb541a928ba39bcb4ae8d3e428d1c5a5 | c8f1d35076b78df61ace737e41cc1f4b7b63236c | +12
debian | debian/linux | < linux 6.1.162-1 (bookworm)
debian | debian/linux-6.1 | < linux 6.1.162-1 (bookworm)

Vulnerability Details (3)

GHSA | GHSA-wrfv-x882-24r3: In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec8 | 2026-01-13
OSV | spi: fsl-cpm: Check length parity before switching to 16 bit mode | 2026-01-13
OSV | CVE-2025-68773: In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826 | 2026-01-13

Vendor Advisories (9)

Ubuntu | Linux kernel (GCP) vulnerabilities | 2026-04-17
Ubuntu | Linux kernel (FIPS) vulnerabilities | 2026-04-17
Ubuntu | Linux kernel (Real-time) vulnerabilities | 2026-04-17
Ubuntu | Linux kernel (Real-time) vulnerabilities | 2026-04-17
Ubuntu | Linux kernel (NVIDIA) vulnerabilities | 2026-04-17

Threat Intelligence (1)

Wiz | CVE-2025-68773 Impact, Exploitability, and Mitigation Steps | Wiz