CVE-2025-68819

rlen value is a user-controlled value, but dtv5100i2cmsg() does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeof(st->data), an out-of-bounds vuln occurs for st->data.

Therefore, we need to add proper range checking to prevent this vuln.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68819.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

60688d5e6e6e2ae62f29762d1e3b2aec2dbd3817

Fixed

c2c293ea7b61f12cdaad1e99a5b4efc58c88960a

Fixed

c2305b4c5fc15e20ac06c35738e0578eb4323750

Fixed

61f214a878e96e2a8750bf96a98f78c658dba60c

Fixed

4a54d8fcb093761e4c56eb211cf4e39bf8401fa1

Fixed

fe3e129ab49806aaaa3f22067ebc75c2dfbe4658

Fixed

ac92151ff2494130d9fc686055d6bbb9743a673e

Fixed

b91e6aafe8d356086cc621bc03e35ba2299e4788

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68819.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.28

Fixed

5.10.248

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.198

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.160

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.120

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.64

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68819.json"