PT-2026-2522 · Mlx5+1 · Mlx5+1
Published: 2025-12-02 · Updated: 2026-01-13
CVE-2025-68790
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 6.18.0-20251130.rc7.git0.16131a59cab1.300.fc43.s390x+debug and earlier
Description
The Linux kernel contained an issue in the net/mlx5 component where the HCA_PORTS component could be unregistered twice. The double unregistration occurred during LAG teardown and could lead to a use-after-free condition. On s390 systems, PCI-level recovery events could trigger the issue through multiple passes through mlx5_unload_one(), resulting in kernel panics. The issue was observed during PCI error recovery testing with increased kernel debug features enabled.
Recommendations
Update to a newer version of the Linux kernel to address this vulnerability.
Exploit
Fix
Use After Free
Affected Products
Linux Kernel
Mlx5