CVE-2025-68223

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

16/12/2025

Last modified:

26/02/2026

Description

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with the fence lock in unknown state. For radeon, the fence lock is also the wait queue lock. This can cause a self deadlock when signaled() tries to make forward progress on the wait queue. But advancing the queue is unneeded because incorrectly returning false from signaled() is perfectly acceptable. (cherry picked from commit 527ba26e50ec2ca2be9c7c82f3ad42998a75d0db)

Impact

Vector 3.x

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x

5.50

Severity 3.x

MEDIUM

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:linux:linux_kernel::::::::	3.18 (including)	6.1.162 (excluding)
cpe:2.3:o:linux:linux_kernel::::::::	6.2 (including)	6.6.123 (excluding)
cpe:2.3:o:linux:linux_kernel::::::::	6.7 (including)	6.12.60 (excluding)
cpe:2.3:o:linux:linux_kernel::::::::	6.13 (including)	6.17.10 (excluding)
cpe:2.3:o:linux:linux_kernel:6.18:rc1::::::
cpe:2.3:o:linux:linux_kernel:6.18:rc2::::::
cpe:2.3:o:linux:linux_kernel:6.18:rc3::::::
cpe:2.3:o:linux:linux_kernel:6.18:rc4::::::
cpe:2.3:o:linux:linux_kernel:6.18:rc5::::::
cpe:2.3:o:linux:linux_kernel:6.18:rc6::::::

To consult the complete list of CPE names with products and versions, see this page

CVE-2025-68223

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools