{"id":"CVE-2025-68376","summary":"coresight: ETR: Fix ETR buffer use-after-free issue","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: ETR: Fix ETR buffer use-after-free issue\n\nWhen ETR is enabled as CS_MODE_SYSFS, if the buffer size is changed\nand enabled again, currently sysfs_buf will point to the newly\nallocated memory(buf_new) and free the old memory(buf_old). But the\netr_buf that is being used by the ETR remains pointed to buf_old, not\nupdated to buf_new. In this case, it will result in a memory\nuse-after-free issue.\n\nFix this by checking ETR's mode before updating and releasing buf_old,\nif the mode is CS_MODE_SYSFS, then skip updating and releasing it.","modified":"2026-05-15T04:14:12.098721524Z","published":"2025-12-24T10:33:05.503Z","related":["SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","openSUSE-SU-2026:10039-1","openSUSE-SU-2026:10301-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68376.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/35501ac3c7d40a7bb9568c2f89d6b56beaf9bed3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/70acbc9c77686b7a521af6d7a543dcd9c324cf07"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cda077a19f5c8d6ec61e5b97deca203d95e3a422"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68376.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68376"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.6.0"},{"fixed":"6.17.13"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.18.0"},{"fixed":"6.18.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68376.json"}}],"schema_version":"1.7.5"}