VDB

CVE-2025-68812

CVE-2025-68812 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in iris_vb2_stop_streaming. If inst->state is already IRIS_INST_ERROR, we should skip the stream_off operation because it would still send packets to the firmware. In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash. [bod: remove qcom from patch title]

EPSS 0.03% · 7.6th percentile

Risk Scores

EPSS Score
0.03%
7.6th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.15, 6.15
LinuxLinux11712ce70f8e52fc94365b48ee15aec806b02422, 11712ce70f8e52fc94365b48ee15aec806b02422, 6.15

Timeline

  • Dec 24, 2025 CVE ID Reserved
  • Jan 14, 2026 EPSS Score
  • Jan 16, 2026 EPSS Score
  • Jan 19, 2026 EPSS Score
  • Jan 21, 2026 EPSS Score
  • Jan 24, 2026 EPSS Score
  • Jan 26, 2026 EPSS Score
  • Jan 28, 2026 EPSS Score
  • Jan 31, 2026 EPSS Score
  • Feb 2, 2026 EPSS Score
  • Feb 5, 2026 EPSS Score
  • Feb 7, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›