CVE-2025-68749

24.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix race condition when unbinding BOs

Fix 'Memory manager not clean during takedown' warning that occurs
when ivpu_gem_bo_free() removes the BO from the BOs list before it
gets unmapped. Then file_priv_unbind() triggers a warning in
drm_mm_takedown() during context teardown.

Protect the unmapping sequence with bo_list_lock to ensure the BO is
always fully unmapped when removed from the list. This ensures the BO
is either fully unmapped at context teardown time or present on the
list and unmapped by file_priv_unbind().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bookworm	6.1.148-1 not-affected
bullseye (security)	5.10.247-1 fixed
bookworm (security)	6.1.158-1 fixed
trixie	vulnerable
trixie (security)	vulnerable
forky	vulnerable
sid	6.17.13-1 fixed

References

https://git.kernel.org/stable/c/00812636df370bedf4e44a0c81b86ea96bca8628

https://git.kernel.org/stable/c/d71333ffdd3707d84cfb95acfaf8ba892adc066b

https://git.kernel.org/stable/c/fb16493ebd8f171bcf0772262619618a131f30f7