[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2025-68800":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":25,"related":26,"reserved_at":9,"published_at":27,"modified_at":28,"state":9,"summary":29,"references_raw":31,"kevs":38,"epss":9,"epss_history":39,"metrics":40,"affected":41},"DEBIAN-CVE-2025-68800","In the Linux kernel, the following vulnerability has been resolved:  mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats  Cited commit added a dedicated mutex (instead of RTNL) to protect the multicast route list, so that it will not change while the driver periodically traverses it in order to update the kernel about multicast route stats that were queried from the device.  One instance of list entry deletion (during route replace) was missed and it can result in a use-after-free [1].  Fix by acquiring the mutex before deleting the entry from the list and releasing it afterwards.  [1] BUG: KASAN: slab-use-after-free in mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum] Read of size 8 at addr ffff8881523c2fa8 by task kworker/2:5/22043  CPU: 2 UID: 0 PID: 22043 Comm: kworker/2:5 Not tainted 6.18.0-rc1-custom-g1a3d6d7cd014 #1 PREEMPT(full) Hardware name: Mellanox Technologies Ltd. MSN2010/SA002610, BIOS 5.6.5 08/24/2017 Workqueue: mlxsw_core mlxsw_sp_mr_stats_update [mlxsw_spectrum] Call Trace:  \u003CTASK>  dump_stack_lvl+0xba/0x110  print_report+0x174/0x4f5  kasan_report+0xdf/0x110  mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]  process_one_work+0x9cc/0x18e0  worker_thread+0x5df/0xe40  kthread+0x3b8/0x730  ret_from_fork+0x3e9/0x560  ret_from_fork_asm+0x1a/0x30  \u003C/TASK>  Allocated by task 29933:  kasan_save_stack+0x30/0x50  kasan_save_track+0x14/0x30  __kasan_kmalloc+0x8f/0xa0  mlxsw_sp_mr_route_add+0xd8/0x4770 [mlxsw_spectrum]  mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]  process_one_work+0x9cc/0x18e0  worker_thread+0x5df/0xe40  kthread+0x3b8/0x730  ret_from_fork+0x3e9/0x560  ret_from_fork_asm+0x1a/0x30  Freed by task 29933:  kasan_save_stack+0x30/0x50  kasan_save_track+0x14/0x30  __kasan_save_free_info+0x3b/0x70  __kasan_slab_free+0x43/0x70  kfree+0x14e/0x700  mlxsw_sp_mr_route_add+0x2dea/0x4770 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:444 [mlxsw_spectrum]  mlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]  process_one_work+0x9cc/0x18e0  worker_thread+0x5df/0xe40  kthread+0x3b8/0x730  ret_from_fork+0x3e9/0x560  ret_from_fork_asm+0x1a/0x30",null,[],[],[],[14],{"_key":15},"CVE-2025-68800",[17,19,21,23],{"_key":18},"DLA-4476-1",{"_key":20},"DLA-4475-1",{"_key":22},"DSA-6126-1",{"_key":24},"DSA-6127-1",[],[],"2026-01-13T16:16:02.023Z","2026-04-28T20:30:56.626350Z",{"cisa_kev":30,"cisa_ransomware":30,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[32],{"url":33,"sources":34,"tags":36},"https://security-tracker.debian.org/tracker/CVE-2025-68800",[35],"osv_debian",[37],"Advisory",[],[],[],[42,67],{"ecosystem":43,"name":44,"vendor":45,"product":44,"cpe_part":9,"purl_type":46,"purl_namespace":45,"purl_name":44,"source":9,"versions":47},"Debian","linux","debian","deb",[48,52,53,54,58,61,64],{"version":49,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"version":49,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":49,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":55,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":57,"fixed_in":9},"lt5_10_249_1","5.10.249-1","excluding",{"version":59,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":60,"version_end_type":57,"fixed_in":9},"lt6_1_162_1","6.1.162-1",{"version":62,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":63,"version_end_type":57,"fixed_in":9},"lt6_12_69_1","6.12.69-1",{"version":65,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":66,"version_end_type":57,"fixed_in":9},"lt6_18_3_1","6.18.3-1",{"ecosystem":43,"name":68,"vendor":45,"product":68,"cpe_part":9,"purl_type":46,"purl_namespace":45,"purl_name":68,"source":9,"versions":69},"linux-6.1",[70,71],{"version":49,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":72,"is_range":50,"range_type":51,"version_start":9,"version_start_type":9,"version_end":73,"version_end_type":57,"fixed_in":9},"lt6_1_162_1~deb11u1","6.1.162-1~deb11u1"]