CVE-2025-68303

Linux Kernel 4.5.0-6.17.10 Memory Corruption via P-Unit IPC Device Pointer Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the ampersand). This means that the: complete(&ipcdev->cmd_complete); in intel_punit_ioc() will write to a wrong memory address corrupting it.

References (6)

Core 6

Core References

Patch

https://git.kernel.org/stable/c/15d560cdf5b36c51fffec07ac2a983ab3bff4cb2

Patch

https://git.kernel.org/stable/c/46e9d6f54184573dae1dcbcf6685a572ba6f4480

Patch

https://git.kernel.org/stable/c/3e7442c5802146fd418ba3f68dcb9ca92b5cec83

Patch

https://git.kernel.org/stable/c/a21615a4ac6fecbb586d59fe2206b63501021789

Patch

https://git.kernel.org/stable/c/c2ee6d38996775a19bfdf20cb01a9b8698cb0baa

Patch

https://git.kernel.org/stable/c/9b9c0adbc3f8a524d291baccc9d0c04097fb4869

Scores

EPSS 0.0005

EPSS Percentile 16.5%

Details

Status published

Products (19)

linux/Kernel 4.5.0 - 5.15.197linux

linux/Kernel 5.16.0 - 6.1.159linux

linux/Kernel 6.13.0 - 6.17.11linux

linux/Kernel 6.2.0 - 6.6.119linux

linux/Kernel 6.7.0 - 6.12.61linux

Linux/Linux < 4.5

Linux/Linux 4.5

Linux/Linux 5.15.197 - 5.15.*

Linux/Linux 6.1.159 - 6.1.*

Linux/Linux 6.12.61 - 6.12.*

... and 9 more

Published Dec 16, 2025

Tracked Since Feb 18, 2026