CVE-2025-68761

Published: Jan 5, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfs_correct_next_unused_CNID() This code calls hfs_bnode_put(node) which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so flip these two lines around.

Vendor	Product	Versions
Linux	Linux	affected `a06ec283e125e334155fe13005c76c9f484ce759 - < 40a1e0142096dd7dd6cb5373841222b528698588` affected `a06ec283e125e334155fe13005c76c9f484ce759 - < c105e76bb17cf4b55fe89c6ad4f6a0e3972b5b08`
Linux	Linux	affected `6.18` unaffected `0 - < 6.18` unaffected `6.18.2 - <= 6.18.` unaffected `6.19 - <= `

References

https://git.kernel.org/stable/c/40a1e0142096dd7dd6cb5373841222b528698588

https://git.kernel.org/stable/c/c105e76bb17cf4b55fe89c6ad4f6a0e3972b5b08

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-68761

Description

Affected Products

References