Back to search
CVE-2025-68804
Published: Jan 13, 2026
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread `cros_ec_console_log_work` is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device in .remove() which should shutdown sub-devices synchronously. Fix it.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 26a14267aff218c60b89007fdb44ca392ba6122c - < 27037916db38e6b78a0242031d3b93d997b84020affected 26a14267aff218c60b89007fdb44ca392ba6122c - < e1da6e399df976dd04c7c73ec008bc81da368a95affected 26a14267aff218c60b89007fdb44ca392ba6122c - < 8dc1f5a85286290dbf04dd5951d020570f49779baffected 26a14267aff218c60b89007fdb44ca392ba6122c - < 393b8f9bedc7806acb9c47cefdbdb223b4b6164baffected 26a14267aff218c60b89007fdb44ca392ba6122c - < 4701493ba37654b3c38b526f6591cf0b02aa172f+2 more versions |
Linux | Linux | affected 5.3unaffected 0 - < 5.3unaffected 5.10.248 - <= 5.10.*unaffected 5.15.198 - <= 5.15.*unaffected 6.1.160 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now