What is CVE-2025-68814?

CVE-2025-68814 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.15 onward and patched in 5.15.198, 6.1.160, 6.6.120 and others. CVE-2025-68814 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68814?

CVE-2025-68814 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68814?

Yes, CVE-2025-68814 has been patched. Fixed versions include 5.15.198, 6.1.160, 6.6.120 and others. If you are running Linux kernel 5.15 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2025-68814 actively exploited?

CVE-2025-68814 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68814

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak. Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.

Package Linux Kernel

Published 2026-01-13

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 5.15 and later are affected. Fixed in 5.15.198, 6.1.160, 6.6.120, 6.12.64, 6.18.3, 6.19 and their respective stable series.

Affected from

≥ 5.15

Fixed in

✓ 5.15.198 5.15.x ✓ 6.1.160 6.1.x ✓ 6.6.120 6.6.x ✓ 6.12.64 6.12.x ✓ 6.18.3 6.18.x ✓ 6.19

References

The following references provide additional information about CVE-2025-68814 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746
Patch
Kernel patch commit
https://git.kernel.org/stable/c/2420ef01b2e836fbc05a0a8c73a1016504eb0458
Patch
Kernel patch commit
https://git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45
Patch

6 patch commits total View all on NVD

Frequently asked questions

What is CVE-2025-68814?

CVE-2025-68814 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.15 onward and has been patched in 5.15.198, 6.1.160, 6.6.120 and others. CVE-2025-68814 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2025-68814?

Yes — CVE-2025-68814 has been patched. Fixed versions include 5.15.198, 6.1.160, 6.6.120 and others. If you are running Linux kernel 5.15 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2025-68814 actively exploited?

No — CVE-2025-68814 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.