PT-2025-52251 · Linux+4 · Linux Kernel+4
Published
2025-12-18
·
Updated
2026-04-06
·
CVE-2025-68323
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contained a use-after-free issue within the USB Type-C Universal Serial Bus Implementers Forum (UCSi) component. Specifically, a delayed work item (
uec->work) was scheduled but not properly canceled during module removal, leading to potential access of freed memory. The race window for this issue was approximately 3 seconds, making it easily reproducible. The issue manifested as a slab-use-after-free condition, detected by KASAN, involving the run timers function and structures related to the UCSi and gaokun ucsi components.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linuxmint
Linux Kernel
Ucsi
Ubuntu
Gaokun Ucsi