CVE-2025-68784 — Expired Pointer Dereference in Linux

CWE-825 — Expired Pointer Dereference10 documents7 sources

Severity

6.4MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedJan 13

Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchk_setup_xattr_buf function can allocate a new value buffer, which means that any reference to ab->value before the call could become a dangling pointer. Fix this by moving an assignment to after the buffer setup.

Affected Packages7 packages

▶Linuxlinux/linux_kernel6.10.0 — 6.12.64+1

▶Debianlinux/linux_kernel< 6.12.69-1+1

▶CVEListV5linux/linuxe47dcf113ae348678143cc935a1183059c02c9ad — 1e2d3aa19c7962b9474b22893160cb460494c45f+3

▶debiandebian/linux< linux 6.18.3-1 (forky)

▶ubuntuubuntu/linux-gcp

🔴Vulnerability Details

OSV

CVE-2025-68784: In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchk_setup_xattr_buf function can alloc↗2026-01-13

▶

OSV

xfs: fix a UAF problem in xattr repair↗2026-01-13

▶

GHSA

GHSA-cm82-qh9h-xpj6: In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchk_setup_xattr_buf function can all↗2026-01-13

▶

📋Vendor Advisories

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel vulnerabilities↗2026-04-16

▶

Red Hat

kernel: xfs: fix a UAF problem in xattr repair↗2026-01-13

▶

Debian

CVE-2025-68784: linux - In the Linux kernel, the following vulnerability has been resolved: xfs: fix a ...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68784 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶