CVE-2025-68758
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/01/2026
Last modified:
19/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:

backlight: led-bl: Add devlink to supplier LEDs

LED Backlight is a consumer of one or multiple LED class devices, but
devlink is currently unable to create correct supplier-producer links when
the supplier is a class device. It creates instead a link where the
supplier is the parent of the expected device.

One consequence is that removal order is not correctly enforced.

Issues happen for example with the following sections in a device tree
overlay:

    // An LED driver chip
    pca9632@62 {
        compatible = "nxp,pca9632";
        reg = ;

        // ...

        addon_led_pwm: led-pwm@3 {
            reg = ;
            label = "addon:led:pwm";
        };
    };

    backlight-addon {
        compatible = "led-backlight";
        leds = ;
        brightness-levels = ;
        default-brightness-level = ;
    };

In this example, the devlink should be created between the backlight-addon
(consumer) and the pca9632@62 (supplier). Instead it is created between the
backlight-addon (consumer) and the parent of the pca9632@62, which is
typically the I2C bus adapter.

On removal of the above overlay, the LED driver can be removed before the
backlight device, resulting in:

    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
    ...
    Call trace:
     led_put+0xe0/0x140
     devm_led_release+0x6c/0x98

Another way to reproduce the bug without any device tree overlays is
unbinding the LED class device (pca9632@62) before unbinding the consumer
(backlight-addon):

    echo 11-0062 >/sys/bus/i2c/drivers/leds-pca963x/unbind
    echo ...backlight-dock >/sys/bus/platform/drivers/led-backlight/unbind

Fix by adding a devlink between the consuming led-backlight device and the
supplying LED device, as other drivers and subsystems do as well.
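
The removal-order argument above, as an added userspace C model (not kernel code and not part of the advisory or the fix commits). The `i2c-11` adapter name, the single-consumer `struct device` and the `faults` counter are assumptions made for the illustration, and the LED class device is folded into its `pca9632@62` chip.

```c
#include <stdio.h>

/* Toy userspace model of driver-core device links; not kernel code. */
struct device {
    const char *name;
    int bound;                 /* 1 while a driver is bound */
    struct device *consumer;   /* at most one linked consumer in this model */
    struct device *led;        /* LED this device uses (backlight only) */
};

static int faults;             /* consumer releases that hit an unbound LED */

static void unbind(struct device *dev)
{
    if (!dev->bound)
        return;
    /* Driver core rule: linked consumers are unbound before the supplier. */
    if (dev->consumer)
        unbind(dev->consumer);
    /* Releasing the consumer touches its LED, as devm_led_release() does. */
    if (dev->led && !dev->led->bound)
        faults++;
    dev->bound = 0;
    printf("unbind %s\n", dev->name);
}

/* link_to_parent = 1 models the bug, 0 models the fixed led-backlight. */
int simulate_unbind_chip_first(int link_to_parent)
{
    struct device i2c = { "i2c-11", 1, NULL, NULL };   /* assumed adapter name */
    struct device chip = { "pca9632@62", 1, NULL, NULL };
    struct device bl = { "backlight-addon", 1, NULL, &chip };

    (link_to_parent ? &i2c : &chip)->consumer = &bl;
    faults = 0;
    unbind(&chip);   /* echo 11-0062 > .../leds-pca963x/unbind */
    unbind(&bl);     /* then unbind the led-backlight consumer */
    return faults;
}

int main(void)
{
    printf("link to parent: %d fault(s)\n", simulate_unbind_chip_first(1));
    printf("link to LED:    %d fault(s)\n", simulate_unbind_chip_first(0));
    return 0;
}
```

With the link on the parent adapter, unbinding the chip leaves the backlight bound and its later release touches an LED that is already gone; with the link on the LED supplier, the backlight is unbound first and no fault is counted.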
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/08c9dc6b0f2c68e5e7c374ac4499e321e435d46c
- https://git.kernel.org/stable/c/0e63ea4378489e09eb5e920c8a50c10caacf563a
- https://git.kernel.org/stable/c/30cbe4b642745a9488a0f0d78be43afe69d7555c
- https://git.kernel.org/stable/c/60a24070392ec726ccfe6ad1ca7b0381c8d8f7c9
- https://git.kernel.org/stable/c/64739adf3eef063b8e2c72b7e919eac8c6480bf0
- https://git.kernel.org/stable/c/9341d6698f4cfdfc374fb6944158d111ebe16a9d
- https://git.kernel.org/stable/c/cd01a24b3e52d6777b49c917d841f125fe9eebd0
- https://git.kernel.org/stable/c/e06df738a9ad8417f1c4c7cd6992cda320e9e7ca



