CVE-2025-68176
Published Dec 16, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops. Hence, add a check to prevent NULL pointer dereference. [mani: reworded subject and description]
Is your site exposed to CVE-2025-68176?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/0d0bb756f002810d249caee51f3f1c309f3cdab5
https://git.kernel.org/stable/c/1810b2fd7375de88a74976dcd402b29088e479ed
https://git.kernel.org/stable/c/363448d069e29685ca37a118065121e486387af3
https://git.kernel.org/stable/c/49a6c160ad4812476f8ae1a8f4ed6d15adfa6c09
https://git.kernel.org/stable/c/953eb3796ef06b8ea3bf6bdde14156255bc75866
https://git.kernel.org/stable/c/d5dbe92ac8a4ca6226093241f95f9cb1b0d2e0e1
https://git.kernel.org/stable/c/eb3d29ca0820fa3d7cccad47d2da56c9ab5469ed
Frequently Asked Questions
What is CVE-2025-68176? +
In the Linux kernel, the following vulnerability has been resolved:
PCI: cadence: Check for the existence of cdns_pcie::ops before using it
cdns_pcie::ops might not be populated by all the Cadence glue drivers. This
is going to be true for the upcoming Sophgo platform which doesn't set the
ops.
Hence, add a check to prevent NULL pointer dereference.
[mani: reworded subject and description]
How do I check if I'm vulnerable to CVE-2025-68176? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.