LED Backlight Vulnerability in Linux Kernel Affects Multiple Devices
CVE-2025-68758

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
5 January 2026

What is CVE-2025-68758?

The Linux kernel has identified a vulnerability related to the LED Backlight subsystem, where incorrect supplier-producer links are established. Specifically, when a class device functions as a supplier for LED devices, the devlink is improperly generated. This misconfiguration can lead to issues where the removal order of devices is not enforced, particularly in configurations involving device tree overlays. It results in a scenario where the LED driver is removed prior to the associated backlight device, causing a kernel NULL pointer dereference. The vulnerability has been addressed by ensuring correct devlink creation between consuming and supplying devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ae232e45acf9621f2c96b41ca3af006ac7552c33 < 64739adf3eef063b8e2c72b7e919eac8c6480bf0

Linux ae232e45acf9621f2c96b41ca3af006ac7552c33

Linux ae232e45acf9621f2c96b41ca3af006ac7552c33

References

https://git.kernel.org/stable/c/64739adf3eef063b8e2c72b7e...
https://git.kernel.org/stable/c/cd01a24b3e52d6777b49c917d...
https://git.kernel.org/stable/c/e06df738a9ad8417f1c4c7cd6...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.