CVE-2025-68822

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the handling of delayed work items within the ALPS touchpad driver. Specifically, a use-after-free condition can occur during device detachment due to a race condition involving the dev3 register work work item. The flush workqueue() function in psmouse disconnect() does not reliably prevent the scheduling of dev3 register work after the associated memory has been freed. This can lead to a situation where the dev3 register work attempts to access deallocated memory, potentially causing system instability or crashes. The issue is identified by static analysis. The alps report bare ps2 packet() function and psmouse queue work() are involved in the scheduling of the delayed work. The psmouse set state() and alps disconnect() functions are part of the cleanup path. The kfree() function frees the memory, while the use-after-free occurs when accessing priv->dev3.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.