PT-2026-1242 · Linux+3 · Linux Kernel+3

Published

2026-01-05

Updated

2026-04-06

CVE-2025-68754

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the amlogic-a4 Real Time Clock (RTC) driver. A double free issue occurs because the clock obtained via devm clk get enabled() is automatically managed by the devres framework and freed on driver detachment. Redundant calls to clk disable unprepare() in the error path and remove function trigger this double free. Removing these redundant calls allows the devres framework to manage the clock lifecycle automatically.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-68754

OPENSUSE-SU-2026:10039-1

OPENSUSE-SU-2026:10301-1

USN-8094-1

USN-8094-2

USN-8094-3

USN-8094-4

USN-8094-5

USN-8152-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

Amlogic-A4

PT-2026-1242 · Linux+3 · Linux Kernel+3

CVE-2025-68754

Related Identifiers

Affected Products

References · 414