CVE-2025-68215

Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart (errors in reset handling, NVM update etc). In both cases, calls to PF PTP cleanup (iceptpcleanuppf function) and 'pslock' mutex deinitialization were missed. Additionally, ptp clock was not unregistered in the latter case.

Keep PTP state as 'uninitialized' on init to distinguish between error scenarios and to avoid resource release duplication at driver removal.

The consequence of missing iceptpcleanuppf call is the following call trace dumped when iceadapter object is freed (port list is not empty, as it is required at this stage):

[ T93022] ------------[ cut here ]------------ [ T93022] WARNING: CPU: 10 PID: 93022 at ice/iceadapter.c:67 iceadapterput+0xef/0x100 [ice] ... [ T93022] RIP: 0010:iceadapterput+0xef/0x100 [ice] ... [ T93022] Call Trace: [ T93022] <TASK> [ T93022] ? iceadapter_put+0xef/0x100 [ice 33d2647ad4f6d866d41eefff1806df37c68aef0c] [ T93022] ? _warn.cold+0xb0/0x10e [ T93022] ? iceadapterput+0xef/0x100 [ice 33d2647ad4f6d866d41eefff1806df37c68aef0c] [ T93022] ? reportbug+0xd8/0x150 [ T93022] ? handlebug+0xe9/0x110 [ T93022] ? excinvalidop+0x17/0x70 [ T93022] ? asmexcinvalidop+0x1a/0x20 [ T93022] ? iceadapterput+0xef/0x100 [ice 33d2647ad4f6d866d41eefff1806df37c68aef0c] [ T93022] pcideviceremove+0x42/0xb0 [ T93022] devicereleasedriverinternal+0x19f/0x200 [ T93022] driverdetach+0x48/0x90 [ T93022] busremovedriver+0x70/0xf0 [ T93022] pciunregisterdriver+0x42/0xb0 [ T93022] icemoduleexit+0x10/0xdb0 [ice 33d2647ad4f6d866d41eefff1806df37c68aef0c] ... [ T93022] ---[ end trace 0000000000000000 ]--- [ T93022] ice: module unloaded

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68215.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

2f59743be4d9568cad2d9cf697d1b897975421ed

Fixed

f5eb91f876ebecbcd90f9edcaea98dcb354603b3

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

e800654e85b5b27966fc6493201f5f8cf658beb6

Fixed

765236f2c4fbba7650436b71a0e350500e9ec15f

Fixed

23a5b9b12de9dcd15ebae4f1abc8814ec1c51ab0

Affected versions

v6.*

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.20

v6.12.21

v6.12.22

v6.12.23

v6.12.24

v6.12.25

v6.12.26

v6.12.27

v6.12.28

v6.12.29

v6.12.30

v6.12.31

v6.12.32

v6.12.33

v6.12.34

v6.12.35

v6.12.36

v6.12.37

v6.12.38

v6.12.39

v6.12.40

v6.12.41

v6.12.42

v6.12.43

v6.12.44

v6.12.45

v6.12.46

v6.12.47

v6.12.48

v6.12.49

v6.12.50

v6.12.51

v6.12.52

v6.12.53

v6.12.54

v6.12.55

v6.12.56

v6.12.57

v6.12.58

v6.12.59

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.16

v6.16-rc1

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.16-rc6

v6.16-rc7

v6.17

v6.17-rc1

v6.17-rc2

v6.17-rc3

v6.17-rc4

v6.17-rc5

v6.17-rc6

v6.17-rc7

v6.17.1

v6.17.2

v6.17.3

v6.17.4

v6.17.5

v6.17.6

v6.17.7

v6.17.8

v6.17.9

v6.18-rc1

v6.18-rc2

v6.18-rc3

v6.18-rc4

v6.18-rc5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68215.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.60

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.10

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68215.json"