CVE-2025-68293

Published: December 17, 2025Last modified: December 17, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix NULL pointer deference when splitting folio Commit c010d47f107f ("mm: thp: split huge page to any lower order pages") introduced an early check on the folio's order via mapping->flags before proceeding with the split work. This check introduced a bug: for shmem folios in the swap cache and truncated folios, the mapping pointer can be NULL. Accessing mapping->flags in this state leads directly to a NULL pointer dereference. This commit fixes the issue by moving the check for mapping != NULL before any attempt to access mapping->flags.

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	linux-lts	Not affected (6.1.33-r0)
	25 LTS	linux-lts	Fixed (6.12.61-r0)
	Stream	linux-lts	Fixed (6.12.61-r0)

References

https://git.kernel.org/stable/c/592db83615a9f0164472ec789c2ed34ad35f732f
https://git.kernel.org/stable/c/cff47b9e39a6abf03dde5f4f156f841b0c54bba0
https://git.kernel.org/stable/c/d1b83fbacd4397a1d2f8c6b13427a8636ae2b307