AZL-72442

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-72442.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-72442

Upstream

CVE-2025-68198

Published

2025-12-16T14:15:52Z

Modified

2026-04-01T05:22:09.606763Z

Summary

CVE-2025-68198 affecting package kernel for versions less than 6.6.119.3-1

Details

In the Linux kernel, the following vulnerability has been resolved:

crash: fix crashkernel resource shrink

When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues:

Invalid crashkernel resource objects
Kernel crash if crashkernel shrinking is done twice

For example, with crashkernel=200M,high, the kernel reserves 200MB of high memory and some default low memory (say 256MB). The reservation appears as:

cat /proc/iomem | grep -i crash af000000-beffffff : Crash kernel 433000000-43f7fffff : Crash kernel

If crashkernel is then shrunk to 50MB (echo 52428800 > /sys/kernel/kexeccrashsize), /proc/iomem still shows 256MB reserved: af000000-beffffff : Crash kernel

Instead, it should show 50MB: af000000-b21fffff : Crash kernel

Further shrinking crashkernel to 40MB causes a kernel crash with the following trace (x86):

BUG: kernel NULL pointer dereference, address: 0000000000000038 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI <snip...> Call Trace: <TASK> ? __diebody.cold+0x19/0x27 ? pagefaultoops+0x15a/0x2f0 ? searchmoduleextables+0x19/0x60 ? searchbpfextables+0x5f/0x80 ? excpagefault+0x7e/0x180 ? asmexcpagefault+0x26/0x30 ? __releaseresource+0xd/0xb0 releaseresource+0x26/0x40 __crashshrinkmemory+0xe5/0x110 crashshrinkmemory+0x12a/0x190 kexeccrashsizestore+0x41/0x80 kernfsfopwriteiter+0x141/0x1f0 vfswrite+0x294/0x460 ksyswrite+0x6d/0xf0 <snip...>

This happens because __crashshrinkmemory()/kernel/crashcore.c incorrectly updates the crashkres resource object even when crashklowres should be updated.

Fix this by ensuring the correct crashkernel resource object is updated when shrinking crashkernel memory.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-68198

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.119.3-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-72442.json"