GHSA-74P6-P33F-J22M

Vulnerability from github – Published: 2026-01-05 12:30 – Updated: 2026-01-05 12:30
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

net: netpoll: initialize work queue before error checks

Prevent a kernel warning when netconsole setup fails on devices with IFF_DISABLE_NETPOLL flag. The warning (at kernel/workqueue.c:4242 in __flush_work) occurs because the cleanup path tries to cancel an uninitialized work queue.

When __netpoll_setup() encounters a device with IFF_DISABLE_NETPOLL, it fails early and calls skb_pool_flush() for cleanup. This function calls cancel_work_sync(&np->refill_wq), but refill_wq hasn't been initialized yet, triggering the warning.

Move INIT_WORK() to the beginning of __netpoll_setup(), ensuring the work queue is properly initialized before any potential failure points. This allows the cleanup path to safely cancel the work queue regardless of where the setup fails.

Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-68762"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-05T10:15:57Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netpoll: initialize work queue before error checks\n\nPrevent a kernel warning when netconsole setup fails on devices with\nIFF_DISABLE_NETPOLL flag. The warning (at kernel/workqueue.c:4242 in\n__flush_work) occurs because the cleanup path tries to cancel an\nuninitialized work queue.\n\nWhen __netpoll_setup() encounters a device with IFF_DISABLE_NETPOLL,\nit fails early and calls skb_pool_flush() for cleanup. This function\ncalls cancel_work_sync(\u0026np-\u003erefill_wq), but refill_wq hasn\u0027t been\ninitialized yet, triggering the warning.\n\nMove INIT_WORK() to the beginning of __netpoll_setup(), ensuring the\nwork queue is properly initialized before any potential failure points.\nThis allows the cleanup path to safely cancel the work queue regardless\nof where the setup fails.",
  "id": "GHSA-74p6-p33f-j22m",
  "modified": "2026-01-05T12:30:29Z",
  "published": "2026-01-05T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68762"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/760bc6ceda8e2c273c0e2018ad2595967c3dd308"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a90d0dc38a10347078cca60e7495ad0648838f18"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e5235eb6cfe02a51256013a78f7b28779a7740d5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.