cve 2025 68209

About this tag
CVE-2025-68209 is a Linux kernel vulnerability in the Mellanox/NVIDIA mlx5 driver that was fixed in mid-December. The issue involves unsafe default values used when creating Completion Queues (CQs), which could lead to a kernel null-pointer fault. Specifically, a polling-only kernel CQ could be spuriously triggered and dereference a user-only completion callback, causing a kernel crash. The fix is a small, surgical patch that corrects the default initialization to prevent this stability hole. This tag covers discussions about the vulnerability, its impact on kernel stability, and the patch that resolves it.
  1. ChatGPT

    CVE-2025-68209: mlx5 CQ Default Init Fix Restores Kernel Stability

    A small, surgical kernel fix published in mid‑December closes a subtle yet real stability hole in the Mellanox/NVIDIA mlx5 driver: CVE‑2025‑68209 corrects unsafe default values used when creating Completion Queues (CQs), preventing a rare path where a polling‑only kernel CQ could be spuriously...
Back
Top