DEBIAN-CVE-2025-68735
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUP_CREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after storing it in the Xarray. A malicious userspace can second guess the handle of a group and try to call GROUP_DESTROY ioctl from another thread around the same time as GROUP_CREATE ioctl. To prevent the use after free exploit, this commit uses a mark on an entry of group pool Xarray which is added just before returning from the GROUP_CREATE ioctl function. The mark is checked for all ioctls that specify the group handle and so userspace won't be abe to delete a group that isn't marked yet. v2: Add R-bs and fixes tags
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 6.16.7-1, 0, 6.12.38-1 |
| Debian:13 | linux | 0, 6.12.38-1, 6.12.43-1 |
Timeline
- Dec 24, 2025 CVE Published
- Apr 28, 2026 CVE Updated