CVE-2025-68290

EPSS 0.06%

發布日:2025/12/16修改日:2026/4/28

描述

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST drivers, and a couple of recent changes turned a reference underflow and use-after-free in the USB driver into several double free and a use-after-free on late probe failures.

受影響套件(2)

Debian/linuxfrom 0, < 5.10.247-1
Debian/linux-6.1from 0, < 6.1.159-1~deb11u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2025-68290