CVE-2025-68782

Linux Kernel 5.8.0-6.18.2 - Use-After-Free in SCSI Target Command Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset t_task_cdb pointer in error case If allocation of cmd->t_task_cdb fails, it remains NULL but is later dereferenced in the 'err' path. In case of error, reset NULL t_task_cdb value to point at the default fixed-size buffer. Found by Linux Verification Center (linuxtesting.org) with SVACE.

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/6cac97b12bdab04832e0416d049efcd0d48d303b

Patch

https://git.kernel.org/stable/c/45fd86b444105c8bd07a763f58635c87e5dc7aea

Patch

https://git.kernel.org/stable/c/8727663ded659aad55eef21e3864ebf5a4796a96

Patch

https://git.kernel.org/stable/c/0260ad551b0815eb788d47f32899fbcd65d6f128

Patch

https://git.kernel.org/stable/c/0d36db68fdb8a3325386fd9523b67735f944e1f3

Patch

https://git.kernel.org/stable/c/8edbb9e371af186b4cf40819dab65fafe109df4d

Patch

https://git.kernel.org/stable/c/5053eab38a4c4543522d0c320c639c56a8b59908

Scores

EPSS 0.0007

EPSS Percentile 21.0%

Details

Status published

Products (22)

linux/Kernel 5.11.0 - 5.15.198linux

linux/Kernel 5.16.0 - 6.1.160linux

linux/Kernel 5.8.0 - 5.10.248linux

linux/Kernel 6.13.0 - 6.18.3linux

linux/Kernel 6.2.0 - 6.6.120linux

linux/Kernel 6.7.0 - 6.12.64linux

Linux/Linux < 5.8

Linux/Linux 5.10.248 - 5.10.*

Linux/Linux 5.15.198 - 5.15.*

Linux/Linux 5.8

... and 12 more

Published Jan 13, 2026

Tracked Since Feb 18, 2026