CVE-2025-68177
cpufreq/longhaul: handle NULL policy in longhaul_exit
Description
In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handle NULL policy in longhaul_exit longhaul_exit() was calling cpufreq_cpu_get(0) without checking for a NULL policy pointer. On some systems, this could lead to a NULL dereference and a kernel warning or panic. This patch adds a check using unlikely() and returns early if the policy is NULL. Bugzilla: #219962
INFO
Published Date :
Dec. 16, 2025, 2:15 p.m.
Last Modified :
Dec. 16, 2025, 2:15 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to the patched version.
- Verify the patch is applied correctly.
- Reboot the system to activate the fix.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-68177.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-68177 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-68177
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-68177 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2025-68177 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Dec. 16, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handle NULL policy in longhaul_exit longhaul_exit() was calling cpufreq_cpu_get(0) without checking for a NULL policy pointer. On some systems, this could lead to a NULL dereference and a kernel warning or panic. This patch adds a check using unlikely() and returns early if the policy is NULL. Bugzilla: #219962 Added Reference https://git.kernel.org/stable/c/55cf586b9556863e3c2a45460aba71bcb2be5bcd Added Reference https://git.kernel.org/stable/c/592532a77b736b5153e0c2e4c74aa50af0a352ab Added Reference https://git.kernel.org/stable/c/64adabb6d9d51b7e7c02fe733346a2c4dd738488 Added Reference https://git.kernel.org/stable/c/809cf2a7794ca4c14c304b349f4c3ae220701ce4 Added Reference https://git.kernel.org/stable/c/8d6791c480f22d6e9a566eaa77336d3d37c5c591 Added Reference https://git.kernel.org/stable/c/956b56d17a89775e4957bbddefa45cd3c6c71000 Added Reference https://git.kernel.org/stable/c/b02352dd2e6cca98777714cc2a27553191df70db Added Reference https://git.kernel.org/stable/c/fd93e1d71b3b14443092919be12b1abf08de35eb