VYPR
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2025-68748

CVE-2025-68748

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix UAF race between device unplug and FW event processing

The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this point. process_fw_events_work() can in this case try to access said freed memory.

Simply call disable_work_sync() to both drain and prevent future invocation of process_fw_events_work().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

43

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.