Use After Free Vulnerability in Linux Kernel's HFS Module
CVE-2025-68761

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 January 2026

What is CVE-2025-68761?

A vulnerability has been identified in the Linux kernel's HFS module, which may potentially allow for a use after free condition. The flaw arises from an improper management of reference counts during the execution of the hfs_correct_next_unused_CNID function. Specifically, the code sequence involved calls to hfs_bnode_put(node), decrementing the reference count before ensuring that 'node' is correctly referenced. This oversight can potentially lead to dereferencing a freed pointer, introducing risks for unauthorized access or system instability. The issue has been addressed in subsequent patches, emphasizing the importance of diligent coding practices in system software.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch