CVE-2025-68766

high

Description

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code. Return -EINVAL in that case, instead of returning success.

References

https://git.kernel.org/stable/c/efd65e2e2fd96f7aaa5cb07d79bbbfcfc80aa552

https://git.kernel.org/stable/c/c21c606ad398eeb86a0f3aaff9ba4f2665e286c6

https://git.kernel.org/stable/c/7dbc0d40d8347bd9de55c904f59ea44bcc8dedb7

https://git.kernel.org/stable/c/3873afcb57614c1aaa5b6715554d6d1c22cac95a

https://git.kernel.org/stable/c/324c60a67c4b9668497940f667db14d216cc7b1b

https://git.kernel.org/stable/c/09efe7cfbf919c4d763bc425473fcfee0dc98356

Details

Source: Mitre, NVD

Published: 2026-01-05

Updated: 2026-01-11

Risk Information

CVSS v2

Base Score: 6.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00018