CVE-2025-68248

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s vmware balloon driver related to page migration. Specifically, when migrating a balloon page, if inflating the new page succeeds after effectively deflating the old page, the system incorrectly reports an error. This leads to the page remaining marked as isolated, causing issues when attempting to put the page back into the buddy allocator. The issue was identified through code inspection and a fix involves returning a success code in this scenario, ensuring the page is correctly freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.