PT-2025-52884 · Linux+3 · Linux Kernel+3

Published: 2025-12-04 · Updated: 2026-04-06 · CVE-2025-68348

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A memory leak existed in the blkdev_issue_zero_pages function within the block subsystem of the Linux kernel. The issue occurred because the check for a fatal signal was performed after memory allocation via bio_alloc(). If a fatal signal was pending, the allocated bio was not freed or chained, resulting in a memory leak when BLKDEV_ZERO_KILLABLE was set. The fix moves the fatal signal check before the bio_alloc() call, mirroring the pattern used in blkdev_issue_write_zeroes().

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2026-01160
CVE-2025-68348
OPENSUSE-SU-2026:10039-1
OPENSUSE-SU-2026:10301-1
OPENSUSE-SU-2026:20287-1
SUSE-SU-2026:20555-1
SUSE-SU-2026:20599-1
SUSE-SU-2026:20615-1
USN-8094-1
USN-8094-2
USN-8094-3
USN-8094-4
USN-8094-5
USN-8152-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu