Null Pointer Dereference Vulnerability in Linux Kernel PCI/AER Module
CVE-2025-68309

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68309?

A vulnerability has been identified in the PCI/AER module of the Linux kernel, where improper handling of memory allocation through kzalloc can lead to a null pointer dereference. If kzalloc returns NULL, any access to the aer_info structure can trigger a kernel panic, resulting in system instability. This issue emphasizes the importance of checking return values for memory allocation to prevent unforeseen errors in kernel operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux a57f2bfb4a5863f83087867c0e671f2418212d23 < 6618243bcc3f60825f761a41ed65fef9fe97eb25

Linux a57f2bfb4a5863f83087867c0e671f2418212d23 < 0a27bdb14b028fed30a10cec2f945c38cb5ca4fa

Linux 6.16

References

https://git.kernel.org/stable/c/6618243bcc3f60825f761a41e...
https://git.kernel.org/stable/c/0a27bdb14b028fed30a10cec2...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.