CVE-2025-68800Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference30 documents7 sources
Severity
7.8HIGHOSV
No vector
EPSS
0.1%
top 83.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
LinuxLinux KernelDebian Linux+11 more
Timeline
PublishedJan 13
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex (instead of RTNL) to protect the multicast route list, so that it will not change while the driver periodically traverses it in order to update the kernel about multicast route stats that were queried from the device. One instance of list entry deletion (during route replace) was missed and it can result in a use-af

Affected Packages16 packages

Linuxlinux/linux_kernel5.7.05.10.248+5
Debianlinux/linux_kernel< 5.10.249-1+3
Ubuntulinux/linux_kernel< 5.15.0-173.183
CVEListV5linux/linuxf38656d067257cc43b652958dd154e1ab0773701b957366f5611bbaba03dd10ef861283347ddcc88+7
debiandebian/linux< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

10
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23
OSV
linux-nvidia-tegra-igx vulnerabilities2026-03-23
OSV
linux-realtime vulnerabilities2026-03-17
OSV
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities2026-03-17

📋Vendor Advisories

18
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-68800 Impact, Exploitability, and Mitigation Steps | Wiz