CVE-2025-68215

Vulnerability

Description

CVE-2025-68215 is a bug in the Linux kernel's ice driver (Intel Ethernet Connection) related to improper cleanup of Precision Time Protocol (PTP) resources when the driver is removed in an error path. The error scenario can occur during driver probe and PTP feature initialization, or during PTP restart triggered by reset handling or NVM update failures. In both cases, the functions ice_ptp_cleanup_pf and ps_lock mutex deinitialization were missed, and in the latter case the PTP clock was not unregistered. This leads to a kernel warning trace when the ice_adapter object is freed, because the port list is not empty as required at that stage [1].

Exploitation and

Attack Surface

The vulnerability is triggered during driver removal, which typically requires root privileges or physical access to the system. An attacker with local access could potentially cause the driver to enter an error path (e.g., by triggering a reset or NVM update failure) and then remove the driver, leading to the kernel warning. The bug does not require authentication beyond local system access, and the attack surface is limited to systems using the ice driver with PTP enabled.

Impact

The primary impact is a kernel warning that may indicate a resource leak or inconsistent state. While the description does not confirm a full system crash or privilege escalation, such warnings can be leveraged in denial-of-service scenarios or as a precursor to more severe exploits. The missing cleanup could also leave the system in an unstable state, potentially affecting network functionality.

Mitigation

The fix is included in Linux kernel stable commit 765236f2c4fb, which ensures proper cleanup by keeping the PTP state as 'uninitialized' on init to distinguish error scenarios and avoid resource release duplication. Users should update to a kernel version containing this commit to prevent the warning and potential resource leaks.