PT-2025-51583 · Linux+3 · Linux Kernel+3

Published

2025-10-18

Updated

2026-02-24

CVE-2025-68170

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the DRM/Radeon driver where the rdev structure, managed by devres, was incorrectly being freed using kfree(). This occurred because the allocation method for the driver's main structure was changed to devm drm dev alloc(), which means rdev should be managed by devres. Incorrectly freeing rdev could lead to system instability if the driver probe failed and devres attempted to clean up the structure after it had already been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BDU:2026-03144

CVE-2025-68170

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

PT-2025-51583 · Linux+3 · Linux Kernel+3

CVE-2025-68170

Weakness Enumeration

Related Identifiers

Affected Products

References · 1353