{"id":"AZL-72466","summary":"CVE-2025-68229 affecting package kernel for versions less than 6.6.119.3-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()\n\nIf the allocation of tl_hba-\u003esh fails in tcm_loop_driver_probe() and we\nattempt to dereference it in tcm_loop_tpg_address_show() we will get a\nsegfault, see below for an example. So, check tl_hba-\u003esh before\ndereferencing it.\n\n  Unable to allocate struct scsi_host\n  BUG: kernel NULL pointer dereference, address: 0000000000000194\n  #PF: supervisor read access in kernel mode\n  #PF: error_code(0x0000) - not-present page\n  PGD 0 P4D 0\n  Oops: 0000 [#1] PREEMPT SMP NOPTI\n  CPU: 1 PID: 8356 Comm: tokio-runtime-w Not tainted 6.6.104.2-4.azl3 #1\n  Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 09/28/2024\n  RIP: 0010:tcm_loop_tpg_address_show+0x2e/0x50 [tcm_loop]\n...\n  Call Trace:\n   \u003cTASK\u003e\n   configfs_read_iter+0x12d/0x1d0 [configfs]\n   vfs_read+0x1b5/0x300\n   ksys_read+0x6f/0xf0\n...","modified":"2026-04-01T05:22:10.114339Z","published":"2025-12-16T14:15:57Z","upstream":["CVE-2025-68229"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68229"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.119.3-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-72466.json"}}],"schema_version":"1.7.5"}