CVE-2025-68730

Summary

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()

Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created and ivpu_gem_bo_free() callback will not be called causing a deleted BO to be left on the list.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66 < 8172838a284c27190fa6782c2740a97020434750affected
LinuxLinux8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66 < c9ef5ccd8bd9bcf598b6d3f77e7eb4dde7149aecaffected
LinuxLinux8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66 < 8b694b405a84696f1d964f6da7cf9721e68c4714affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.17.13 <= 6.17.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References