What is CVE-2025-68312?

CVE-2025-68312 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.4.211 onward and patched in 5.4.302, 5.10.247, 5.15.197 and others. CVE-2025-68312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68312?

CVE-2025-68312 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68312?

Yes, CVE-2025-68312 has been patched. Fixed versions include 5.4.302, 5.10.247, 5.15.197 and others. If you are running Linux kernel 5.4.211 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-68312 actively exploited?

CVE-2025-68312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68312

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0); put the kevent work in global workqueue. However, the kevent has not yet been scheduled when the usbnet device is unregistered. Therefore, executing free_netdev() results in the "free active object (kevent)" error reported here. 2. Another factor is that when calling usbnet_disconnect()->unregister_netdev(), if the usbnet device is up, ndo_stop() is executed to cancel the kevent. However, because the device is not up, ndo_stop() is not executed. The solution to this problem is to cancel the kevent before executing free_netdev().

Package Linux Kernel

Published 2025-12-16

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 5.4.211, 5.10.137, 5.15.61, 4.9.326, 4.14.291, 4.19.256, 5.18.18, 5.19.2, 6.0 and later are affected. Fixed in 5.4.302, 5.10.247, 5.15.197, 6.1.159, 6.6.117, 6.12.58, 6.17.8, 6.18 and their respective stable series.

Affected from

≥ 5.4.211 ≥ 5.10.137 ≥ 5.15.61 ≥ 4.9.326 ≥ 4.14.291 ≥ 4.19.256 ≥ 5.18.18 ≥ 5.19.2 ≥ 6.0

Fixed in

✓ 5.4.302 5.4.x ✓ 5.10.247 5.10.x ✓ 5.15.197 5.15.x ✓ 6.1.159 6.1.x ✓ 6.6.117 6.6.x ✓ 6.12.58 6.12.x ✓ 6.17.8 6.17.x ✓ 6.18

References

The following references provide additional information about CVE-2025-68312 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/285d4b953f2ca03c358f986718dd89ee9bde632e
Patch
Kernel patch commit
https://git.kernel.org/stable/c/2ce1de32e05445d77fc056f6ff8339cfb78a5f84
Patch
Kernel patch commit
https://git.kernel.org/stable/c/3a10619fdefd3051aeb14860e4d4335529b4e94d
Patch

8 patch commits total View all on NVD

Frequently asked questions

What is CVE-2025-68312?

CVE-2025-68312 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.4.211 onward and has been patched in 5.4.302, 5.10.247, 5.15.197 and others. CVE-2025-68312 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-68312?

Yes — CVE-2025-68312 has been patched. Fixed versions include 5.4.302, 5.10.247, 5.15.197 and others. If you are running Linux kernel 5.4.211 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-68312 actively exploited?

No — CVE-2025-68312 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.