CVE-2025-68181

NONE EPSS 6.2%
Published Dec 16, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 16, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However, drm_put_dev() is still in the probe error and device remove paths. When the driver fails to probe warnings like the following are shown because devres is trying to drm_put_dev() after the driver already did it. [ 5.642230] radeon 0000:01:05.0: probe with driver radeon failed with error -22 [ 5.649605] ------------[ cut here ]------------ [ 5.649607] refcount_t: underflow; use-after-free. [ 5.649620] WARNING: CPU: 0 PID: 357 at lib/refcount.c:28 refcount_warn_saturate+0xbe/0x110 (cherry picked from commit 3eb8c0b4c091da0a623ade0d3ee7aa4a93df1ea4)

Threat Intelligence

EPSS Exploit Probability
6.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/2fa41445d8c98f2a65503c373796466496edc0e7
  • git.kernel.org https://git.kernel.org/stable/c/745bae76acdd71709773c129a69deca01036250b
  • git.kernel.org https://git.kernel.org/stable/c/ec18f6b2c743cc471b2539ddb5caed20a012e640

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.