CVE-2025-68290
Description
In the Linux kernel, the following vulnerability has been resolved:
most: usb: fix double free on late probe failure
The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration.
This unsurprisingly leads to bugs in the MOST drivers, and a couple of recent changes turned a reference underflow and use-after-free in the USB driver into several double free and a use-after-free on late probe failures.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A double-free vulnerability in the Linux kernel's MOST USB driver allows privilege escalation on probe failure.
Root
Cause
The MOST subsystem uses a non-standard registration function that frees the interface on both registration failures and normal deregistration. In the USB driver, this design leads to double free and use-after-free bugs during late probe failures [1][2][3].
Exploitation
An attacker with the ability to trigger a USB device probe failure (e.g., by inserting a malformed MOST USB device) can cause the driver to perform a double free of kernel memory. No special privileges are required beyond physical access or the ability to influence USB device enumeration.
Impact
Successfully exploiting the double free can lead to a compromise of kernel memory, potentially allowing privilege escalation or a denial of service (system crash). The vulnerability affects systems using the Linux kernel's MOST USB driver.
Mitigation
Patches have been merged into the stable kernel branches [1][2][3]. Users should update to a kernel version containing the fix. No workarounds are available; the vulnerability is resolved by applying the kernel updates.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- git.kernel.org/stable/c/0dece48660be16918ecf2dbdc7193e8be03e1693nvd
- git.kernel.org/stable/c/2274767dc02b756b25e3db1e31c0ed47c2a78442nvd
- git.kernel.org/stable/c/8d8ffefe3d5d8b7b73efb866db61130107299c5cnvd
- git.kernel.org/stable/c/90e6ce2b1b19fb8b9d4afee69f40e4c6a4791154nvd
- git.kernel.org/stable/c/993bfdc3842893c394de13c8200c338ebb979589nvd
- git.kernel.org/stable/c/a4c4118c2af284835b16431bbfe77e0130c06fefnvd
- git.kernel.org/stable/c/baadf2a5c26e802a46573eaad331b427b49aaa36nvd
News mentions
0No linked articles in our index yet.