Linux Kernel Vulnerability in MOST Subsystem Affects USB Drivers
CVE-2025-68290

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68290?

A notable vulnerability exists within the Linux kernel's MOST subsystem, which can lead to multiple security issues in USB drivers. This vulnerability arises from a non-standard registration function that mishandles interface memory during registration failures and deregistration processes. Recent modifications have exacerbated the situation, resulting in double free and use-after-free scenarios, especially during late probe failures. These memory management flaws could potentially allow attackers to exploit the affected drivers, leading to system instability or unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c < 90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154

Linux 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c

Linux 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c < 0dece48660be16918ecf2dbdc7193e8be03e1693

References

https://git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69...
https://git.kernel.org/stable/c/a4c4118c2af284835b16431bb...
https://git.kernel.org/stable/c/0dece48660be16918ecf2dbdc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.