CVE-2025-68231

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2-00031-gec7f31b2a2d3

Description The Linux kernel contains a flaw within the mm/mempool component related to handling page poisoning, specifically when dealing with CONFIG HIGHMEM. The issue arises because the poisoning code does not correctly manage high-order pages, leading to a potential supervisor write access error in kernel mode. This can manifest as a page fault, as observed in kernel tests. The root cause is that only the first page is mapped during the poisoning process, but subsequent accesses attempt to operate on the entire high-order page. The issue is addressed by implementing a loop that maps, poisons, checks, and unmaps individual pages.

Recommendations Update to Linux kernel version 6.18.0-rc2-00031-gec7f31b2a2d3 or a later version that includes the fix.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

AZL-72458

CVE-2025-68231

ECHO-4022-8625-7E09

MGASA-2026-0017

MGASA-2026-0018

OESA-2026-1566

OESA-2026-1567

OESA-2026-1570

USN-8094-1

USN-8094-2

USN-8094-3

USN-8094-4

USN-8094-5

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8152-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-68231

Related Identifiers

Affected Products

References · 1575