CVE-2025-68755

Linux kernel - Null Pointer Dereference

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: most: remove device from interface structure") started requiring drivers to set the interface device pointer before registration, but the I2C driver was never updated which results in a NULL pointer dereference if anyone ever tries to probe it.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/6cbba922934805f86eece6ba7010b7201962695d

Patch

https://git.kernel.org/stable/c/6059a66dba7f26b21852831432e17075f1a1c783

Patch

https://git.kernel.org/stable/c/e463548fd80e779efea1cb2d3049b8a7231e6925

Patch

https://git.kernel.org/stable/c/495df2da6944477d282d5cc0c13174d06e25b310

Scores

EPSS 0.0003

EPSS Percentile 10.3%

Details

Status published

Products (13)

linux/Kernel 5.6.0 - 6.6.120linux

linux/Kernel 6.18.0 - 6.18.2linux

linux/Kernel 6.7.0 - 6.17.13linux

Linux/Linux < 5.6

Linux/Linux 5.6

Linux/Linux 6.17.13 - 6.17.*

Linux/Linux 6.18.2 - 6.18.*

Linux/Linux 6.19

Linux/Linux 6.6.120 - 6.6.*

Linux/Linux 723de0f9171eeb49a3ae98cae82ebbbb992b3a7c - 495df2da6944477d282d5cc0c13174d06e25b310

... and 3 more

Published Jan 05, 2026

Tracked Since Feb 18, 2026