Double-Free Vulnerability in Linux Kernel's Crypto/zstd Module
CVE-2025-68262

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68262?

A vulnerability in the Linux Kernel's crypto/zstd module has been identified, where a double-free condition arises during the cleanup of per-CPU streams. This occurs when multiple Transform Functions (tfms) are allocated and subsequently freed. The issue stems from the lifecycle management of zstd_streams, which leads to attempts to free the same shared per-CPU streams multiple times, creating instability and potential crashes in the system. This vulnerability emphasizes the need for proper resource management to prevent similar occurrences.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux f5ad93ffb54119a8dc5e18f070624d4ead586969

Linux f5ad93ffb54119a8dc5e18f070624d4ead586969

Linux f5ad93ffb54119a8dc5e18f070624d4ead586969 < 48bc9da3c97c15f1ea24934bcb3b736acd30163d

References

https://git.kernel.org/stable/c/dc0f4509b0ed5d82bef78e058...
https://git.kernel.org/stable/c/e983feaa79de1e46c9087fb9f...
https://git.kernel.org/stable/c/48bc9da3c97c15f1ea24934bc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.