Linux Kernel punit_ipc IPCMemory Corruption via Misused Pointer
CVE-2025-68303 Published on December 16, 2025
platform/x86: intel: punit_ipc: fix memory corruption
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: intel: punit_ipc: fix memory corruption
This passes the address of the pointer "&punit_ipcdev" when the intent
was to pass the pointer itself "punit_ipcdev" (without the ampersand).
This means that the:
complete(&ipcdev->cmd_complete);
in intel_punit_ioc() will write to a wrong memory address corrupting it.
Products Associated with CVE-2025-68303
stack.watch emails you whenever new vulnerabilities are published in Linux Kernel or Linux Kernel. Just hit a watch button to start following.
Affected Versions
Linux:- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below 15d560cdf5b36c51fffec07ac2a983ab3bff4cb2 is affected.
- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below 46e9d6f54184573dae1dcbcf6685a572ba6f4480 is affected.
- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below 3e7442c5802146fd418ba3f68dcb9ca92b5cec83 is affected.
- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below a21615a4ac6fecbb586d59fe2206b63501021789 is affected.
- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below c2ee6d38996775a19bfdf20cb01a9b8698cb0baa is affected.
- Version fdca4f16f57da76a8e68047923588a87d1c01f0a and below 9b9c0adbc3f8a524d291baccc9d0c04097fb4869 is affected.
- Version 4.5 is affected.
- Before 4.5 is unaffected.
- Version 5.15.197, <= 5.15.* is unaffected.
- Version 6.1.159, <= 6.1.* is unaffected.
- Version 6.6.119, <= 6.6.* is unaffected.
- Version 6.12.61, <= 6.12.* is unaffected.
- Version 6.17.11, <= 6.17.* is unaffected.
- Version 6.18, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.