CVE-2025-68762

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-68762
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68762.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68762
Downstream
Published
2026-01-05T09:32:34.743Z
Modified
2026-01-06T03:22:00.720494Z
Summary
net: netpoll: initialize work queue before error checks
Details

In the Linux kernel, the following vulnerability has been resolved:

net: netpoll: initialize work queue before error checks

Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning (at kernel/workqueue.c:4242 in _flushwork) occurs because the cleanup path tries to cancel an uninitialized work queue.

When _netpollsetup() encounters a device with IFFDISABLENETPOLL, it fails early and calls skbpoolflush() for cleanup. This function calls cancelworksync(&np->refillwq), but refillwq hasn't been initialized yet, triggering the warning.

Move INITWORK() to the beginning of _netpoll_setup(), ensuring the work queue is properly initialized before any potential failure points. This allows the cleanup path to safely cancel the work queue regardless of where the setup fails.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68762.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
248f6571fd4c51531f7f8f07f186f7ae98a50afc
Fixed
a90d0dc38a10347078cca60e7495ad0648838f18
Fixed
760bc6ceda8e2c273c0e2018ad2595967c3dd308
Fixed
e5235eb6cfe02a51256013a78f7b28779a7740d5

Affected versions

v6.*

v6.14
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.1
v6.17.10
v6.17.11
v6.17.12
v6.17.2
v6.17.3
v6.17.4
v6.17.5
v6.17.6
v6.17.7
v6.17.8
v6.17.9
v6.18
v6.18-rc1
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68762.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.15.0
Fixed
6.17.13
Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68762.json"