{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68749", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T10:30:51.032Z", "datePublished": "2025-12-24T12:09:44.301Z", "dateUpdated": "2025-12-24T12:09:44.301Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T12:09:44.301Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix race condition when unbinding BOs\n\nFix 'Memory manager not clean during takedown' warning that occurs\nwhen ivpu_gem_bo_free() removes the BO from the BOs list before it\ngets unmapped. Then file_priv_unbind() triggers a warning in\ndrm_mm_takedown() during context teardown.\n\nProtect the unmapping sequence with bo_list_lock to ensure the BO is\nalways fully unmapped when removed from the list. This ensures the BO\nis either fully unmapped at context teardown time or present on the\nlist and unmapped by file_priv_unbind()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_gem.c"], "versions": [{"version": "48aea7f2a2efae6a1bd201061c71a81b3f3b7e55", "lessThan": "fb16493ebd8f171bcf0772262619618a131f30f7", "status": "affected", "versionType": "git"}, {"version": "48aea7f2a2efae6a1bd201061c71a81b3f3b7e55", "lessThan": "d71333ffdd3707d84cfb95acfaf8ba892adc066b", "status": "affected", "versionType": "git"}, {"version": "48aea7f2a2efae6a1bd201061c71a81b3f3b7e55", "lessThan": "00812636df370bedf4e44a0c81b86ea96bca8628", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_gem.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.13", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.2", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.17.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.18.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.19-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fb16493ebd8f171bcf0772262619618a131f30f7"}, {"url": "https://git.kernel.org/stable/c/d71333ffdd3707d84cfb95acfaf8ba892adc066b"}, {"url": "https://git.kernel.org/stable/c/00812636df370bedf4e44a0c81b86ea96bca8628"}], "title": "accel/ivpu: Fix race condition when unbinding BOs", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix race condition when unbinding BOs\n\nFix 'Memory manager not clean during takedown' warning that occurs\nwhen ivpu_gem_bo_free() removes the BO from the BOs list before it\ngets unmapped. Then file_priv_unbind() triggers a warning in\ndrm_mm_takedown() during context teardown.\n\nProtect the unmapping sequence with bo_list_lock to ensure the BO is\nalways fully unmapped when removed from the list. This ensures the BO\nis either fully unmapped at context teardown time or present on the\nlist and unmapped by file_priv_unbind()."}], "id": "CVE-2025-68749", "lastModified": "2025-12-24T13:16:29.830", "metrics": {}, "published": "2025-12-24T13:16:29.830", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/00812636df370bedf4e44a0c81b86ea96bca8628"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d71333ffdd3707d84cfb95acfaf8ba892adc066b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fb16493ebd8f171bcf0772262619618a131f30f7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}