What is CVE-2025-68171?

CVE-2025-68171 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.16 onward and patched in 6.1.159, 6.6.117, 6.12.58 and others. CVE-2025-68171 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68171?

CVE-2025-68171 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68171?

Yes, CVE-2025-68171 has been patched. Fixed versions include 6.1.159, 6.6.117, 6.12.58 and others. If you are running Linux kernel 5.16 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-68171 actively exploited?

CVE-2025-68171 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68171

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: <TASK> fpu__clear_user_states+0x9c/0x100 arch_do_signal_or_restart+0x142/0x210 exit_to_user_mode_loop+0x55/0x100 do_syscall_64+0x205/0x2c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Chao further identified [2] a reproducible scenario involving signal delivery: a non-AMX task is preempted by an AMX-enabled task which modifies the XFD MSR. When the non-AMX task resumes and reloads XSTATE with init values, a warning is triggered due to a mismatch between fpstate::xfd and the CPU's current XFD state. fpu__clear_user_states() does not currently re-synchronize the XFD state after such preemption. Invoke xfd_update_state() which detects and corrects the mismatch if there is a dynamic feature. This also benefits the sigreturn path, as fpu__restore_sig() may call fpu__clear_user_states() when the sigframe is inaccessible. [ dhansen: minor changelog munging ]

Package Linux Kernel

Published 2025-12-16

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 5.16 and later are affected. Fixed in 6.1.159, 6.6.117, 6.12.58, 6.17.8, 6.18 and their respective stable series.

Affected from

≥ 5.16

Fixed in

✓ 6.1.159 6.1.x ✓ 6.6.117 6.6.x ✓ 6.12.58 6.12.x ✓ 6.17.8 6.17.x ✓ 6.18

References

The following references provide additional information about CVE-2025-68171 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/1811c610653c0cd21cc9add14595b7cffaeca511
Patch
Kernel patch commit
https://git.kernel.org/stable/c/388eff894d6bc5f921e9bfff0e4b0ab2684a96e9
Patch
Kernel patch commit
https://git.kernel.org/stable/c/3f735419c4b43cde42e6d408db39137b82474e31
Patch

5 patch commits total View all on NVD

Frequently asked questions

What is CVE-2025-68171?

CVE-2025-68171 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.16 onward and has been patched in 6.1.159, 6.6.117, 6.12.58 and others. CVE-2025-68171 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-68171?

Yes — CVE-2025-68171 has been patched. Fixed versions include 6.1.159, 6.6.117, 6.12.58 and others. If you are running Linux kernel 5.16 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-68171 actively exploited?

No — CVE-2025-68171 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.