CVE-2025-68797

Jan. 14, 2026, 4:26 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in ac_ioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In ac_ioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6. However, the function unconditionally executes readb(apbs[IndexCard].RamIO + VERS) at the end. If cmd is 6, IndexCard may reference a board that does not exist (where RamIO is NULL), leading to a NULL pointer dereference. Fix this by skipping the readb access when cmd is 6, as this command is a global information query and does not target a specific board context.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/0b8b353e09888bccee405e0dd6feafb60360f478
https://git.kernel.org/stable/c/74883565c621eec6cd2e35fe6d27454cf2810c23
https://git.kernel.org/stable/c/82d12088c297fa1cef670e1718b3d24f414c23f7
https://git.kernel.org/stable/c/d285517429a75423789e6408653e57b6fdfc8e54
https://git.kernel.org/stable/c/f83e3e9f89181b42f6076a115d767a7552c4a39e

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-01-13
CVE-2025-68797

Timeline

Published: Jan. 13, 2026, 4:16 p.m.
Last Modified: Jan. 14, 2026, 4:26 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.