CVE-2025-68309

Linux Kernel - NULL Pointer Dereference in PCI/AER aer_info

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aer_info The kzalloc(GFP_KERNEL) may return NULL, so all accesses to aer_info->xxx will result in kernel panic. Fix it.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/6618243bcc3f60825f761a41ed65fef9fe97eb25

Patch

https://git.kernel.org/stable/c/0a27bdb14b028fed30a10cec2f945c38cb5ca4fa

Scores

EPSS 0.0003

EPSS Percentile 7.8%

Details

Status published

Products (7)

linux/Kernel 6.16.0 - 6.17.8linux

Linux/Linux < 6.16

Linux/Linux 6.16

Linux/Linux 6.17.8 - 6.17.*

Linux/Linux 6.18

Linux/Linux a57f2bfb4a5863f83087867c0e671f2418212d23 - 0a27bdb14b028fed30a10cec2f945c38cb5ca4fa

Linux/Linux a57f2bfb4a5863f83087867c0e671f2418212d23 - 6618243bcc3f60825f761a41ed65fef9fe97eb25

Published Dec 16, 2025

Tracked Since Feb 18, 2026