What is CVE-2025-68324?

CVE-2025-68324 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 2.6.12 onward and patched in 6.12.63, 6.17.13, 6.18.2 and others. CVE-2025-68324 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68324?

CVE-2025-68324 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68324?

Yes, CVE-2025-68324 has been patched. Fixed versions include 6.12.63, 6.17.13, 6.18.2 and others. If you are running Linux kernel 2.6.12 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-68324 actively exploited?

CVE-2025-68324 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68324

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'imm_tq' is initialized in imm_attach() and scheduled via imm_queuecommand() for processing SCSI commands. When the IMM parallel port SCSI host adapter is detached through imm_detach(), the imm_struct device instance is deallocated. However, the delayed work might still be pending or executing when imm_detach() is called, leading to use-after-free bugs when the work function imm_interrupt() accesses the already freed imm_struct memory. The race condition can occur as follows: CPU 0(detach thread) | CPU 1 | imm_queuecommand() | imm_queuecommand_lck() imm_detach() | schedule_delayed_work() kfree(dev) //FREE | imm_interrupt() | dev = container_of(...) //USE dev-> //USE Add disable_delayed_work_sync() in imm_detach() to guarantee proper cancellation of the delayed work item before imm_struct is deallocated.

Package Linux Kernel

Published 2025-12-18

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 2.6.12 and later are affected. Fixed in 6.12.63, 6.17.13, 6.18.2, 6.19 and their respective stable series.

Affected from

≥ 2.6.12

Fixed in

✓ 6.12.63 6.12.x ✓ 6.17.13 6.17.x ✓ 6.18.2 6.18.x ✓ 6.19

References

The following references provide additional information about CVE-2025-68324 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/31ab2aad7a7b7501e904a09bf361e44671f66092
Patch
Kernel patch commit
https://git.kernel.org/stable/c/48dd41fa2d6c6a0c50e714deeba06ffe7f91961b
Patch
Kernel patch commit
https://git.kernel.org/stable/c/9e434426cc23ad5e2aad649327b59aea00294b13
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2025-68324?

CVE-2025-68324 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 2.6.12 onward and has been patched in 6.12.63, 6.17.13, 6.18.2 and others. CVE-2025-68324 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-68324?

Yes — CVE-2025-68324 has been patched. Fixed versions include 6.12.63, 6.17.13, 6.18.2 and others. If you are running Linux kernel 2.6.12 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-68324 actively exploited?

No — CVE-2025-68324 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.