SB2025122267 - Resource management error in Linux kernel firmware driver
Published: December 22, 2025
Security Bulletin ID
SB2025122267
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-68328)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stratix10_svc_drv_probe() function in drivers/firmware/stratix10-svc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/354fb03002da0970d337f0d3edbeb46cc4fa6f41
- https://git.kernel.org/stable/c/60ab1851614e6007344042b66da6e31d1cc26cb3
- https://git.kernel.org/stable/c/71796c91ee8e33faf4434a9e210b5063c28ea907
- https://git.kernel.org/stable/c/9d0a330abd9e49bcebf6307aac185081bde49a43
- https://git.kernel.org/stable/c/b359df793f609b1efce31dadfe6883ec73852619
- https://git.kernel.org/stable/c/bd226fa02ed6db6fce0fae010802f0950fd14fb9
- https://git.kernel.org/stable/c/d0fcf70c680e4d1669fcb3a8632f41400b9a73c2