CVE-2025-68749

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists within the Intel iGPU (IVPU) driver related to buffer object (BO) unbinding. Specifically, the issue occurs when ivpu gem bo free() removes a BO from the list before it is fully unmapped. This leads to a warning within drm mm takedown() during context teardown. The fix involves protecting the unmapping sequence with bo list lock to ensure the BO is fully unmapped either at context teardown or by file priv unbind().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

BDU:2026-01149

CVE-2025-68749

OPENSUSE-SU-2026:10039-1

OPENSUSE-SU-2026:10301-1

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

USN-8094-1

USN-8094-2

USN-8094-3

USN-8094-4

USN-8094-5

USN-8152-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Debian

Intel Igpu

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-68749

Weakness Enumeration

Related Identifiers

Affected Products

References · 1539