CVE-2025-68207

high

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Synchronize Dead CT worker with unbind Cancel and wait for any Dead CT worker to complete before continuing with device unbinding. Else the worker will end up using resources freed by the undind operation. (cherry picked from commit 492671339114e376aaa38626d637a2751cdef263)

References

https://git.kernel.org/stable/c/ce6ccf8e881a919bf902174ac879f80c97669498

https://git.kernel.org/stable/c/95af8f4fdce8349a5fe75264007f1af2aa1082ea

https://git.kernel.org/stable/c/35959ab7d16b618616edf6df882a4533d2efe193

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00017