Null Pointer Dereference in Linux Kernel's DRM Subsystem
CVE-2025-68228

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68228?

A vulnerability exists in the Linux kernel's DRM subsystem related to the create_in_format_blob() function. This function is intended to return a valid pointer or an error code, but in certain failure scenarios, it erroneously returns NULL. If called without proper validation, this can lead to a null pointer dereference, causing system instability or crashes. The issue has been addressed by ensuring that appropriate error values are returned during failure cases, thus preventing potential disruptions in systems utilizing the Linux kernel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0d6dcd741c266389bbf0a8758f537b3a171ac32a < 860f93f4fce1e733b8a2474f6bfa153243d775f3

Linux 0d6dcd741c266389bbf0a8758f537b3a171ac32a

Linux 6.16

References

https://git.kernel.org/stable/c/860f93f4fce1e733b8a2474f6...
https://git.kernel.org/stable/c/cead55e24cf9e092890cf51c0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.