CVE-2025-68814

__ioopenatprep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function returns early. At that point, the request doesn't have REQFNEEDCLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak.

Fix this by setting the REQFNEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68814.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b9445598d8c60a1379887b957024b71343965f74

Fixed

2420ef01b2e836fbc05a0a8c73a1016504eb0458

Fixed

8f44c4a550570cd5903625133f938c6b51310c9b

Fixed

18b99fa603d0df5e1c898699c17d3b92ddc80746

Fixed

e232269d511566b1f80872256a48593acc1becf4

Fixed

7fbfb85b05bc960cc50e09d03e5e562131e48d45

Fixed

b14fad555302a2104948feaff70503b64c80ac01

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68814.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.15.0

Fixed

5.15.198

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.160

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.120

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.64

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68814.json"