CVE-2025-68370

24.12.2025, 11:16

In the Linux kernel, the following vulnerability has been resolved:

coresight: tmc: add the handle of the event to the path

The handle is essential for retrieving the AUX_EVENT of each CPU and is
required in perf mode. It has been added to the coresight_path so that
dependent devices can access it from the path when needed.

The existing bug can be reproduced with:
perf record -e cs_etm//k -C 0-9 dd if=/dev/zero of=/dev/null

Showing an oops as follows:
Unable to handle kernel paging request at virtual address 000f6e84934ed19e

Call trace:
 tmc_etr_get_buffer+0x30/0x80 [coresight_tmc] (P)
 catu_enable_hw+0xbc/0x3d0 [coresight_catu]
 catu_enable+0x70/0xe0 [coresight_catu]
 coresight_enable_path+0xb0/0x258 [coresight]

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
trixie	6.12.57-1 not-affected
bookworm	6.1.148-1 not-affected
bullseye (security)	5.10.247-1 fixed
bookworm (security)	6.1.158-1 fixed
trixie (security)	6.12.48-1 fixed
forky	vulnerable
sid	6.17.13-1 fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Published: 2025-12-23T23:00:00+00:00

References

https://git.kernel.org/stable/c/aaa5abcc9d44d2c8484f779ab46d242d774cabcb

https://git.kernel.org/stable/c/d0c9effd82f2c19b92acd07d357fac5f392d549a

https://git.kernel.org/stable/c/faa8f38f7ccb344ace2c1f364efc70e3a12d32f3