You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 68209
About this tag
CVE-2025-68209 is a Linux kernel vulnerability in the Mellanox/NVIDIA mlx5 driver that was fixed in mid-December. The issue involves unsafe default values used when creating Completion Queues (CQs), which could lead to a kernel null-pointer fault. Specifically, a polling-only kernel CQ could be spuriously triggered and dereference a user-only completion callback, causing a kernel crash. The fix is a small, surgical patch that corrects the default initialization to prevent this stability hole. This tag covers discussions about the vulnerability, its impact on kernel stability, and the patch that resolves it.
A small, surgical kernel fix published in mid‑December closes a subtle yet real stability hole in the Mellanox/NVIDIA mlx5 driver: CVE‑2025‑68209 corrects unsafe default values used when creating Completion Queues (CQs), preventing a rare path where a polling‑only kernel CQ could be spuriously...