CVE-2025-68293

Linux Kernel - Null Pointer Dereference

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix NULL pointer deference when splitting folio Commit c010d47f107f ("mm: thp: split huge page to any lower order pages") introduced an early check on the folio's order via mapping->flags before proceeding with the split work. This check introduced a bug: for shmem folios in the swap cache and truncated folios, the mapping pointer can be NULL. Accessing mapping->flags in this state leads directly to a NULL pointer dereference. This commit fixes the issue by moving the check for mapping != NULL before any attempt to access mapping->flags.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/592db83615a9f0164472ec789c2ed34ad35f732f

Patch

https://git.kernel.org/stable/c/d1b83fbacd4397a1d2f8c6b13427a8636ae2b307

Patch

https://git.kernel.org/stable/c/cff47b9e39a6abf03dde5f4f156f841b0c54bba0

Scores

EPSS 0.0002

EPSS Percentile 7.0%

Details

Status published

Products (10)

linux/Kernel 6.13.0 - 6.17.11linux

linux/Kernel 6.9.0 - 6.12.61linux

Linux/Linux < 6.9

Linux/Linux 6.12.61 - 6.12.*

Linux/Linux 6.17.11 - 6.17.*

Linux/Linux 6.18

Linux/Linux 6.9

Linux/Linux c010d47f107f609b9f4d6a103b6dfc53889049e9 - 592db83615a9f0164472ec789c2ed34ad35f732f

Linux/Linux c010d47f107f609b9f4d6a103b6dfc53889049e9 - cff47b9e39a6abf03dde5f4f156f841b0c54bba0

Linux/Linux c010d47f107f609b9f4d6a103b6dfc53889049e9 - d1b83fbacd4397a1d2f8c6b13427a8636ae2b307

Published Dec 16, 2025

Tracked Since Feb 18, 2026