CVE-2025-68190

CVSS v2.0

4.0

Medium

Vector

AV:A/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s DRM/amdgpu/atom subsystem. Specifically, a potential NULL pointer dereference can occur in the atom get src int() function when accessing WS entries if kcalloc() fails during memory allocation for the WS buffer in amdgpu atom execute table locked(). This happens when WS is non-zero and ectx.ws remains NULL while ectx.ws size is set. The issue is addressed by returning -ENOMEM on allocation failure to prevent the NULL dereference.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-371

Related Identifiers

AZL-72415

BDU:2026-03272

CVE-2025-68190

ECHO-21BB-90CA-0120

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0473-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

Amdgpu

CVE-2025-68190

Weakness Enumeration

Related Identifiers

Affected Products

References · 3243