CVE-2025-68752

medium

Description

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050bbe63 ("gve: Implement settime64 with -EOPNOTSUPP").

References

https://git.kernel.org/stable/c/9e3dbc3bb2e2aa728b49422b2e5344488f93f690

https://git.kernel.org/stable/c/6d080f810ffd6b8e002ce5bee8b9c551ca2535c2

https://git.kernel.org/stable/c/1e43ebcd5152b3e681a334cc6542fb21770c3a2e

Details

Source: Mitre, NVD

Published: 2026-01-05

Updated: 2026-01-08

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017