CVE-2025-68303

Name: CVE-2025-68303
Creator: NVD / NIST
Published: 2025-12-16T16:16:09.82+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.16%

Last modified Jun 17, 2026

CVE-2025-68303 is a vulnerability of currently unknown severity. In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the ampersand). This means that the: complete(&ipcdev->cmd_complete); in intel_punit_ioc() will write to a wrong memory address corrupting it.. EPSS estimates a 0.16% chance of exploitation in the next 30 days.

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the ampersand). This means that the: complete(&ipcdev->cmd_complete); in intel_punit_ioc() will write to a wrong memory address corrupting it.

Metrics

EPSS Probability

0.16%

5.6th percentile

Probability of exploitation in the next 30 days. Learn more

References

Timeline

Published: Dec 16, 2025
Last Modified: Jun 17, 2026
Status: Deferred

Frequently Asked Questions

What is CVE-2025-68303?

How severe is CVE-2025-68303?

Severity scoring for CVE-2025-68303 is pending analysis. The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.

How do I fix CVE-2025-68303?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-68303?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST