Linux Kernel Vulnerability in vmw_balloon During Migration
CVE-2025-68248

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-68248?

A flaw has been identified in the Linux kernel related to the vmw_balloon driver during the migration of balloon pages. When an old page is deflated during migration, it can improperly be marked as isolated even after a successful inflation of a new page. This inconsistency in memory status leads to complications in the migration process, where the isolated page remains flagged incorrectly, causing potential synchronization issues. The resolution aims to maintain consistency and clear the 'isolated' status effectively post-migration, enhancing the stability of memory handling.

Affected Version(s)

Linux 3544c4faccb8f0867bc65f8007ee70bfb5054305

Linux 3544c4faccb8f0867bc65f8007ee70bfb5054305 < 4ba5a8a7faa647ada8eae61a36517cf369f5bbe4

Linux 6.17

References

https://git.kernel.org/stable/c/aa05a044c5c2e147d726ac2fa...

https://git.kernel.org/stable/c/4ba5a8a7faa647ada8eae61a3...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Dec 16, 2025

JSON