CVE-2025-68776 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference30 documents7 sources

Severity

7.8HIGHOSV

No vector

EPSS

0.1%

top 83.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +11 more

Timeline

PublishedJan 13

Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() prp_get_untagged_frame() calls __pskb_copy() to create frame->skb_std but doesn't check if the allocation failed. If __pskb_copy() returns NULL, skb_clone() is called with a NULL pointer, causing a crash: Oops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x00000000000…

Affected Packages16 packages

▶debiandebian/linux< linux 6.1.162-1 (bookworm)

▶debiandebian/linux-6.1< linux 6.1.162-1 (bookworm)

▶Linuxlinux/linux_kernel3.17.0 — 5.10.248+5

▶Debianlinux/linux_kernel< 5.10.249-1+3

▶Ubuntulinux/linux_kernel< 5.15.0-173.183

🔴Vulnerability Details

OSV

linux-raspi vulnerabilities↗2026-04-01

▶

OSV

linux-intel-iot-realtime vulnerabilities↗2026-03-23

▶

OSV

linux-nvidia-tegra-igx vulnerabilities↗2026-03-23

▶

OSV

linux-realtime vulnerabilities↗2026-03-17

▶

OSV

linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities↗2026-03-17

▶

📋Vendor Advisories

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (FIPS) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (NVIDIA) vulnerabilities↗2026-04-17

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68776 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶