CVE-2025-68209 | mlx5: Fix default values in create CQ

In the Linux kernel, the following vulnerability has been resolved: mlx5: Fix default values in create CQ Currently, CQs without a completion function are assigned the mlx5_add_cq_to_tasklet function by default. This is problematic since only user CQs created through the mlx5_ib driver are intended to use this function. Additionally, all CQs that will use doorbells instead of polling for completions must call mlx5_cq_arm. However, the default CQ creation flow leaves a valid value in the CQ's arm_db field, allowing FW to send interrupts to polling-only CQs in certain corner cases. These two factors would allow a polling-only kernel CQ to be triggered by an EQ interrupt and call a completion function intended only for user CQs, causing a null pointer exception. Some areas in the driver have prevented this issue with one-off fixes but did not address the root cause. This patch fixes the described issue by adding defaults to the create CQ flow. It adds a default dummy completion function to protect against null pointer exceptions, and it sets an invalid command sequence number by default in kernel CQs to prevent the FW from sending an interrupt to the CQ until it is armed. User CQs are responsible for their own initialization values. Callers of mlx5_core_create_cq are responsible for changing the completion function and arming the CQ per their needs.

Published: 2025-12-16 Last update: 2026-04-15 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD Status:DeferredCVE State: published
View at NVD, CVE.org, EUVD

CVE-2025-68209 is rated Low Risk (4.1/100): low exploitation likelihood (EPSS 0.02%). Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2025-68209

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-12-17 0.02%

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2025-68209

CVSS metrics for this CVE.

No CVSS data in dataset for this CVE.

Weakness enumeration for CVE-2025-68209

OS Trackers for CVE-2025-68209

vendor priority summary link
debian unimportant CVE-2025-68209 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 3, open 2. https://security-tracker.debian.org/tracker/CVE-2025-68209
redhat medium https://access.redhat.com/security/cve/CVE-2025-68209
suse medium CVE-2025-68209 severity moderate: SUSE including 403 source package names (13.2-9.1:libsystemd0-254.23-1.1, 13.2-9.1:libudev1-254.23-1.1, …), 835 product×package rows across 136 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Container suse/sl-micro/6.0/base-os-container, … (136 product lines)): Fixed 431, Known Affected 231, Known Not Affected 148, First Fixed 25. https://www.suse.com/security/cve/CVE-2025-68209/
ubuntu medium CVE-2025-68209 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1405 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1010, ignored 178, released 97, not-affected 82, needed 38. https://ubuntu.com/security/CVE-2025-68209

Affected software / configurations for CVE-2025-68209

Vendor Product Version Raw CPE
No affected products in dataset.

References for CVE-2025-68209

cvelogic Threat Intelligence