CVE-2025-68303

This passes the address of the pointer "&punitipcdev" when the intent was to pass the pointer itself "punitipcdev" (without the ampersand). This means that the:

complete(&ipcdev->cmd_complete);

in intelpunitioc() will write to a wrong memory address corrupting it.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68303.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

fdca4f16f57da76a8e68047923588a87d1c01f0a

Fixed

15d560cdf5b36c51fffec07ac2a983ab3bff4cb2

Fixed

46e9d6f54184573dae1dcbcf6685a572ba6f4480

Fixed

3e7442c5802146fd418ba3f68dcb9ca92b5cec83

Fixed

a21615a4ac6fecbb586d59fe2206b63501021789

Fixed

c2ee6d38996775a19bfdf20cb01a9b8698cb0baa

Fixed

9b9c0adbc3f8a524d291baccc9d0c04097fb4869

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68303.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.5.0

Fixed

5.15.197

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.159

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.119

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.61

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.11

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68303.json"