CVEFinder.io

CVE-2025-68338

🔶 medium
Summary

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized ksz_irq If something goes wrong at setup, ksz_irq_free() can be called on uninitialized ksz_irq (for example when ksz_ptp_irq_setup() fails). It leads to freeing uninitialized IRQ numbers and/or domains. Use dsa_switch_for_each_user_port_continue_reverse() in the error path to iterate only over the fully initialized ports.

CVSS Score
-
EPSS Score
0.0
Exploit Probability
Published Date
2025-12-23
First Seen: 2026-01-05
Last Modified 2025-12-23
Source NVD 🔗

🔗 References 3

https://git.kernel.org/stable/c/25b62cc5b22c45face09...
https://git.kernel.org/stable/c/32abbcf4379a0f851d7e...
https://git.kernel.org/stable/c/9428654c827fa8d38b89...

📦 Affected Products 4

Vendor Product Status Affected Versions
linux linux Affected
≥ cc13ab18b201ab630f03511060ba289b70052959 < 25b62cc5b22c45face094ae3e8717258e46d1d19
linux linux Affected
≥ cc13ab18b201ab630f03511060ba289b70052959 < 32abbcf4379a0f851d7eb9d4389e7bf5c64bf6c0
linux linux Affected
≥ cc13ab18b201ab630f03511060ba289b70052959 < 9428654c827fa8d38b898135d26d39ee2d544246
linux linux Affected
v6.3

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-68339 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_op... 2025-12-23
CVE-2025-68340 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of te... 2025-12-23
CVE-2025-68341 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP no_direct return section to fix ra... 2025-12-23
CVE-2025-68342 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check ... 2025-12-23
CVE-2025-68343 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check ... 2025-12-23
CVE-2025-68326 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stac... 2025-12-22
These CVEs affect the same products