{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-68229","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-16T13:41:40.258Z","datePublished":"2025-12-16T13:57:21.835Z","dateUpdated":"2026-05-11T21:49:19.685Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:49:19.685Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()\n\nIf the allocation of tl_hba->sh fails in tcm_loop_driver_probe() and we\nattempt to dereference it in tcm_loop_tpg_address_show() we will get a\nsegfault, see below for an example. So, check tl_hba->sh before\ndereferencing it.\n\n  Unable to allocate struct scsi_host\n  BUG: kernel NULL pointer dereference, address: 0000000000000194\n  #PF: supervisor read access in kernel mode\n  #PF: error_code(0x0000) - not-present page\n  PGD 0 P4D 0\n  Oops: 0000 [#1] PREEMPT SMP NOPTI\n  CPU: 1 PID: 8356 Comm: tokio-runtime-w Not tainted 6.6.104.2-4.azl3 #1\n  Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 09/28/2024\n  RIP: 0010:tcm_loop_tpg_address_show+0x2e/0x50 [tcm_loop]\n...\n  Call Trace:\n   <TASK>\n   configfs_read_iter+0x12d/0x1d0 [configfs]\n   vfs_read+0x1b5/0x300\n   ksys_read+0x6f/0xf0\n..."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/target/loopback/tcm_loop.c"],"versions":[{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"63f511d3855f7f4b35dd63dbc58fc3d935a81268","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"3d8c517f6eb27e47b1a198e05f8023038329b40b","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"f449a1edd7a13bb025aaf9342ea6f8bf92684bbf","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"1c9ba455b5073253ceaadae4859546e38e8261fe","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"a6ef60898ddaf1414592ce3e5b0d94276d631663","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"72e8831079266749a7023618a0de2f289a9dced6","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"13aff3b8a7184281b134698704d6c06863a8361b","status":"affected","versionType":"git"},{"version":"2628b352c3d4905adf8129ea50900bd980b6ccef","lessThan":"e6965188f84a7883e6a0d3448e86b0cf29b24dfc","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/target/loopback/tcm_loop.c"],"versions":[{"version":"4.5","status":"affected"},{"version":"0","lessThan":"4.5","status":"unaffected","versionType":"semver"},{"version":"5.4.302","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.247","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.197","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.159","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.118","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.60","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.10","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.4.302"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.10.247"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.15.197"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"6.1.159"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"6.6.118"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"6.12.60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"6.17.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"6.18"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/63f511d3855f7f4b35dd63dbc58fc3d935a81268"},{"url":"https://git.kernel.org/stable/c/3d8c517f6eb27e47b1a198e05f8023038329b40b"},{"url":"https://git.kernel.org/stable/c/f449a1edd7a13bb025aaf9342ea6f8bf92684bbf"},{"url":"https://git.kernel.org/stable/c/1c9ba455b5073253ceaadae4859546e38e8261fe"},{"url":"https://git.kernel.org/stable/c/a6ef60898ddaf1414592ce3e5b0d94276d631663"},{"url":"https://git.kernel.org/stable/c/72e8831079266749a7023618a0de2f289a9dced6"},{"url":"https://git.kernel.org/stable/c/13aff3b8a7184281b134698704d6c06863a8361b"},{"url":"https://git.kernel.org/stable/c/e6965188f84a7883e6a0d3448e86b0cf29b24dfc"}],"title":"scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()","x_generator":{"engine":"bippy-1.2.0"}}}}