VYPR
Unrated severity · NVD Advisory · Published Dec 16, 2025 · Updated Apr 15, 2026

CVE-2025-68309

Description

In the Linux kernel, the following vulnerability has been resolved:

PCI/AER: Fix NULL pointer access by aer_info

The kzalloc(GFP_KERNEL) may return NULL, so all accesses to aer_info->xxx will result in kernel panic. Fix it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A NULL pointer dereference in the Linux kernel's PCI/AER subsystem can cause a kernel panic, patched by adding a NULL check after kzalloc.

Overview

In the Linux kernel, the PCI/AER (Advanced Error Reporting) subsystem fails to check the return value of the kzalloc(GFP_KERNEL) call that allocates aer_info. If the allocation fails and returns NULL, all subsequent accesses to aer_info->xxx dereference a NULL pointer, leading to a kernel panic [1].

Exploitation

To trigger this vulnerability, an attacker would need to cause memory pressure on the target system such that a GFP_KERNEL allocation fails. This may be achievable through local user actions that exhaust system memory, or other means of inducing allocation failure. No special privileges are required beyond the ability to trigger an AER event that invokes the vulnerable code path.

Impact

A successful NULL pointer dereference in the kernel causes a system crash (kernel panic or oops), resulting in a denial of service (DoS). There is no evidence of privilege escalation or data corruption from this bug.

Mitigation

The fix is a one-line change that adds a NULL check on the return value of kzalloc and returns early if the allocation failed, preventing the dereference [1]. The patch has been committed to the Linux kernel stable tree and is available in subsequent releases. Systems running unpatched kernels are vulnerable.
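The check-and-return-early pattern described above, as an added userspace C model with allocation-failure injection; it is not the kernel's code or the upstream patch. All `model_*` names, the struct fields, and the choice to clear `aer_cap` on failure are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins, not the kernel's structures. */
struct model_aer_info { unsigned long cor_errs; };
struct model_dev { int aer_cap; struct model_aer_info *aer_info; };

/* Fault injection: the Nth allocation from now fails (0 = never fail). */
static int fail_after;
void model_fail_nth(int n) { fail_after = n; }
static void *model_kzalloc(size_t size)
{
    if (fail_after > 0 && --fail_after == 0)
        return NULL;                  /* simulated allocation failure */
    return calloc(1, size);           /* zeroed, like kzalloc */
}

/* "Before": the result is used unchecked, so a failed allocation crashes. */
int model_aer_init_unchecked(struct model_dev *dev)
{
    dev->aer_info = model_kzalloc(sizeof(*dev->aer_info));
    dev->aer_info->cor_errs = 0;      /* NULL dereference on failure */
    dev->aer_cap = 1;
    return 0;
}

/* "After": check the pointer, mark AER unusable, return early. */
int model_aer_init_checked(struct model_dev *dev)
{
    dev->aer_info = model_kzalloc(sizeof(*dev->aer_info));
    if (!dev->aer_info) {
        dev->aer_cap = 0;             /* assumption: later paths test this */
        return -ENOMEM;
    }
    dev->aer_cap = 1;
    return 0;
}

/* Later consumer: refuses to touch a device whose init failed. */
int model_aer_record(struct model_dev *dev)
{
    if (!dev->aer_cap || !dev->aer_info)
        return -ENODEV;
    dev->aer_info->cor_errs++;
    return 0;
}
```

Calling `model_fail_nth(1)` before the checked init exercises the failure path deterministically, which is the same idea as running the kernel's fault-injection framework against a patched build.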

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
