CVE-2025-68730 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()

Don't add BO to the vdev->bo_list in ivpu_gem_create_object().
When failure happens inside drm_gem_shmem_create(), the BO is not
fully created and ivpu_gem_bo_free() callback will not be called
causing a deleted BO to be left on the list.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/8172838a284c27190fa6782c2740a97020434750
https://git.kernel.org/stable/c/8b694b405a84696f1d964f6da7cf9721e68c4714
https://git.kernel.org/stable/c/c9ef5ccd8bd9bcf598b6d3f77e7eb4dde7149aec

History

Wed, 24 Dec 2025 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created and ivpu_gem_bo_free() callback will not be called causing a deleted BO to be left on the list.
Title		accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/8172838a284c27190fa6782c2740a97020434750 https://git.kernel.org/stable/c/8b694b405a84696f1d964f6da7cf9721e68c4714 https://git.kernel.org/stable/c/c9ef5ccd8bd9bcf598b6d3f77e7eb4dde7149aec

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T10:33:13.236Z

Updated: 2025-12-24T10:33:13.236Z

Reserved: 2025-12-24T10:30:51.028Z

Link: CVE-2025-68730

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T11:16:02.297

Modified: 2025-12-24T11:16:02.297

Link: CVE-2025-68730

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68730", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T10:30:51.028Z", "datePublished": "2025-12-24T10:33:13.236Z", "dateUpdated": "2025-12-24T10:33:13.236Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T10:33:13.236Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()\n\nDon't add BO to the vdev->bo_list in ivpu_gem_create_object().\nWhen failure happens inside drm_gem_shmem_create(), the BO is not\nfully created and ivpu_gem_bo_free() callback will not be called\ncausing a deleted BO to be left on the list."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_gem.c"], "versions": [{"version": "8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66", "lessThan": "8172838a284c27190fa6782c2740a97020434750", "status": "affected", "versionType": "git"}, {"version": "8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66", "lessThan": "c9ef5ccd8bd9bcf598b6d3f77e7eb4dde7149aec", "status": "affected", "versionType": "git"}, {"version": "8d88e4cdce4f5c56de55174a4d32ea9c06f7fa66", "lessThan": "8b694b405a84696f1d964f6da7cf9721e68c4714", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_gem.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.13", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.2", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.17.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.18.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.19-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8172838a284c27190fa6782c2740a97020434750"}, {"url": "https://git.kernel.org/stable/c/c9ef5ccd8bd9bcf598b6d3f77e7eb4dde7149aec"}, {"url": "https://git.kernel.org/stable/c/8b694b405a84696f1d964f6da7cf9721e68c4714"}], "title": "accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()", "x_generator": {"engine": "bippy-1.2.0"}}}}