CVE-2025-68306
- Source
- https://cve.org/CVERecord?id=CVE-2025-68306
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68306.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-68306
- Downstream
- Published
- 2025-12-16T15:06:23.486Z
- Modified
- 2026-03-10T21:48:37.545690Z
- Summary
- Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface
When performing reset tests and encountering abnormal card drop issues that lead to a kernel crash, it is necessary to perform a null check before releasing resources to avoid attempting to release a null pointer.
<4>[ 29.158070] Hardware name: Google Quigon sku196612/196613 board (DT) <4>[ 29.158076] Workqueue: hci0 hcicmdsyncwork [bluetooth] <4>[ 29.158154] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) <4>[ 29.158162] pc : klistremove+0x90/0x158 <4>[ 29.158174] lr : klistremove+0x88/0x158 <4>[ 29.158180] sp : ffffffc0846b3c00 <4>[ 29.158185] pmrsave: 000000e0 <4>[ 29.158188] x29: ffffffc0846b3c30 x28: ffffff80cd31f880 x27: ffffff80c1bdc058 <4>[ 29.158199] x26: dead000000000100 x25: ffffffdbdc624ea3 x24: ffffff80c1bdc4c0 <4>[ 29.158209] x23: ffffffdbdc62a3e6 x22: ffffff80c6c07000 x21: ffffffdbdc829290 <4>[ 29.158219] x20: 0000000000000000 x19: ffffff80cd3e0648 x18: 000000031ec97781 <4>[ 29.158229] x17: ffffff80c1bdc4a8 x16: ffffffdc10576548 x15: ffffff80c1180428 <4>[ 29.158238] x14: 0000000000000000 x13: 000000000000e380 x12: 0000000000000018 <4>[ 29.158248] x11: ffffff80c2a7fd10 x10: 0000000000000000 x9 : 0000000100000000 <4>[ 29.158257] x8 : 0000000000000000 x7 : 7f7f7f7f7f7f7f7f x6 : 2d7223ff6364626d <4>[ 29.158266] x5 : 0000008000000000 x4 : 0000000000000020 x3 : 2e7325006465636e <4>[ 29.158275] x2 : ffffffdc11afeff8 x1 : 0000000000000000 x0 : ffffffdc11be4d0c <4>[ 29.158285] Call trace: <4>[ 29.158290] klistremove+0x90/0x158 <4>[ 29.158298] devicereleasedriverinternal+0x20c/0x268 <4>[ 29.158308] devicereleasedriver+0x1c/0x30 <4>[ 29.158316] usbdriverreleaseinterface+0x70/0x88 <4>[ 29.158325] btusbmtkreleaseisointf+0x68/0xd8 [btusb (HASH:e8b6 5)] <4>[ 29.158347] btusbmtkreset+0x5c/0x480 [btusb (HASH:e8b6 5)] <4>[ 29.158361] hcicmdsyncwork+0x10c/0x188 [bluetooth (HASH:a4fa 6)] <4>[ 29.158430] processscheduledworks+0x258/0x4e8 <4>[ 29.158441] workerthread+0x300/0x428 <4>[ 29.158448] kthread+0x108/0x1d0 <4>[ 29.158455] retfrom_fork+0x10/0x20 <0>[ 29.158467] Code: 91343000 940139d1 f9400268 927ff914 (f9401297) <4>[ 29.158474] ---[ end trace 0000000000000000 ]--- <0>[ 29.167129] Kernel panic - not syncing: Oops: Fatal exception <2>[ 29.167144] SMP: stopping secondary CPUs <4>[ 29.167158] ------------[ cut here ]------------
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68306.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4015b979767125cf8a2233a145a3b3af78bfd8fb
- https://git.kernel.org/stable/c/421e88a0d85782786b7a1764c75518b4845e07b3
- https://git.kernel.org/stable/c/faae9f2ea8806f2499186448adbf94689b47b82b
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68306.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-68306
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedceac1cb0259de682d78f5c784ef8e0b13022e9d9Fixed421e88a0d85782786b7a1764c75518b4845e07b3Fixedfaae9f2ea8806f2499186448adbf94689b47b82bFixed4015b979767125cf8a2233a145a3b3af78bfd8fb