{"id":"CVE-2025-68312","summary":"usbnet: Prevents free active kevent","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: Prevents free active kevent\n\nThe root cause of this issue are:\n1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0);\nput the kevent work in global workqueue. However, the kevent has not yet\nbeen scheduled when the usbnet device is unregistered. Therefore, executing\nfree_netdev() results in the \"free active object (kevent)\" error reported\nhere.\n\n2. Another factor is that when calling usbnet_disconnect()-\u003eunregister_netdev(),\nif the usbnet device is up, ndo_stop() is executed to cancel the kevent.\nHowever, because the device is not up, ndo_stop() is not executed.\n\nThe solution to this problem is to cancel the kevent before executing\nfree_netdev().","modified":"2026-04-16T04:34:21.798355191Z","published":"2025-12-16T15:39:43.174Z","related":["SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0473-1","SUSE-SU-2026:0474-1","SUSE-SU-2026:0475-1","SUSE-SU-2026:0495-1","SUSE-SU-2026:0496-1","SUSE-SU-2026:0617-1","SUSE-SU-2026:1131-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20145-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68312.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/285d4b953f2ca03c358f986718dd89ee9bde632e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2ce1de32e05445d77fc056f6ff8339cfb78a5f84"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3a10619fdefd3051aeb14860e4d4335529b4e94d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/420c84c330d1688b8c764479e5738bbdbf0a33de"},{"type":"WEB","url":"https://git.kernel.org/stable/c/43005002b60ef3424719ecda16d124714b45da3b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5158fb8da162e3982940f30cd01ed77bdf42c6fc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/88a38b135d69f5db9024ff6527232f1b51be8915"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9a579d6a39513069d298eee70770bbac8a148565"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68312.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68312"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8b4588b8b00b299be16a35be67b331d8fdba03f3"},{"fixed":"285d4b953f2ca03c358f986718dd89ee9bde632e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"135199a2edd459d2b123144efcd7f9bcd95128e4"},{"fixed":"88a38b135d69f5db9024ff6527232f1b51be8915"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"635fd8953e4309b54ca6a81bed1d4a87668694f4"},{"fixed":"43005002b60ef3424719ecda16d124714b45da3b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a69e617e533edddf3fa3123149900f36e0a6dc74"},{"fixed":"3a10619fdefd3051aeb14860e4d4335529b4e94d"},{"fixed":"9a579d6a39513069d298eee70770bbac8a148565"},{"fixed":"2ce1de32e05445d77fc056f6ff8339cfb78a5f84"},{"fixed":"5158fb8da162e3982940f30cd01ed77bdf42c6fc"},{"fixed":"420c84c330d1688b8c764479e5738bbdbf0a33de"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"d2d6b530d89b0a912148018027386aa049f0a309"},{"last_affected":"e2a521a7dcc463c5017b4426ca0804e151faeff7"},{"last_affected":"7f77dcbc030c2faa6d8e8a594985eeb34018409e"},{"last_affected":"d49bb8cf9bfaa06aa527eb30f1a52a071da2e32f"},{"last_affected":"db3b738ae5f726204876f4303c49cfdf4311403f"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68312.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.302"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.247"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.197"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.159"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.0.0"},{"fixed":"6.6.117"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.12.58"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.17.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68312.json"}}],"schema_version":"1.7.5"}