CVE-2025-68743 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

mshv: Fix create memory region overlap check

The current check is incorrect; it only checks if the beginning or end
of a region is within an existing region. This doesn't account for
userspace specifying a region that begins before and ends after an
existing region.

Change the logic to a range intersection check against gfns and uaddrs
for each region.

Remove mshv_partition_region_by_uaddr() as it is no longer used.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2183924dd834e0703f87e17c17e689bcbf55d69d
https://git.kernel.org/stable/c/ab3e7a78d83a61d335458cfe2e4d17eba69ae73d
https://git.kernel.org/stable/c/ba9eb9b86d232854e983203dc2fb1ba18e316681

History

Wed, 24 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins before and ends after an existing region. Change the logic to a range intersection check against gfns and uaddrs for each region. Remove mshv_partition_region_by_uaddr() as it is no longer used.
Title		mshv: Fix create memory region overlap check
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2183924dd834e0703f87e17c17e689bcbf55d69d https://git.kernel.org/stable/c/ab3e7a78d83a61d335458cfe2e4d17eba69ae73d https://git.kernel.org/stable/c/ba9eb9b86d232854e983203dc2fb1ba18e316681

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T12:09:40.148Z

Updated: 2025-12-24T12:09:40.148Z

Reserved: 2025-12-24T10:30:51.030Z

Link: CVE-2025-68743

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T13:16:29.247

Modified: 2025-12-24T13:16:29.247

Link: CVE-2025-68743

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Affected Vendors & Products

Projects

Metrics

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object