Use-After-Free Vulnerability in Linux Kernel's NVMe Controller
CVE-2025-68265

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68265?

A use-after-free vulnerability exists in the Linux kernel related to the NVMe controller's admin request_queue. When a controller is torn down, stale references to the admin request_queue can remain active, potentially leading to unauthorized access. This issue requires careful management of the controller's lifecycle to prevent access to deallocated memory. The vulnerability has been addressed by ensuring that the admin request_queue is active only after all references to the controller have been released during teardown.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux fe60e8c534118a288cd251a59d747cbf5c03e160

Linux fe60e8c534118a288cd251a59d747cbf5c03e160

Linux fe60e8c534118a288cd251a59d747cbf5c03e160

References

https://git.kernel.org/stable/c/a505f0ba36ab24176c300d7ff...
https://git.kernel.org/stable/c/e8061d02b49c5c901980f58d9...
https://git.kernel.org/stable/c/e7dac681790556c131854b975...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.