CVE-2025-68737 Affecting kernel-uek-debug-modules-usb package, versions <0:6.12.0-200.74.27.el9uek
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-ORACLE9-KERNELUEKDEBUGMODULESUSB-15864463
- published1 Apr 2026
- disclosed24 Dec 2025
Introduced: 24 Dec 2025
CVE-2025-68737 (opens in a new tab)How to fix?
Upgrade Oracle:9 kernel-uek-debug-modules-usb to version 0:6.12.0-200.74.27.el9uek or higher.
This issue was patched in ELSA-2026-50160.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-uek-debug-modules-usb package and not the kernel-uek-debug-modules-usb package as distributed by Oracle.
See How to fix? for Oracle:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
arm64/pageattr: Propagate return value from __change_memory_common
The rodata=on security measure requires that any code path which does vmalloc -> set_memory_ro/set_memory_rox must protect the linear map alias too. Therefore, if such a call fails, we must abort set_memory_* and caller must take appropriate action; currently we are suppressing the error, and there is a real chance of such an error arising post commit a166563e7ec3 ("arm64: mm: support large block mapping when rodata=full"). Therefore, propagate any error to the caller.