CVE-2025-68731

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An integer overflow exists in the aie2 query ctx status array() function within the amdxdna component of the Linux kernel. The issue was identified by a static checker and involves a potential overflow when calculating the size of a data structure based on user-controlled input for num element and element size. Specifically, the calculation args->num element * args->element size is susceptible to overflow. While the issue may not always lead to a critical problem, adding limitations to the input values for element size and num element is recommended. The suggested limits are element size less than or equal to 4K and num element less than or equal to 1K.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.