CVE-2025-68283

Linux Kernel 2.6.34-6.12.60 DoS via OSD Index Boundary Check Bypass

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUG_ON with bounds check for map->max_osd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map->max_osd. [ idryomov: drop BUG_ON in ceph_get_primary_affinity(), minor cosmetic edits ]

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/57f5fbae9f1024aba17ff75e00433324115c548a

Patch

https://git.kernel.org/stable/c/becc488a4d864db338ebd4e313aa3c77da24b604

Patch

https://git.kernel.org/stable/c/e67e3be690f5f7e3b031cf29e8d91e6d02a8e30d

Patch

https://git.kernel.org/stable/c/b4368b7f97014e1015445d61abd0b27c4c6e8424

Patch

https://git.kernel.org/stable/c/ec3797f043756a94ea2d0f106022e14ac4946c02

Scores

EPSS 0.0004

EPSS Percentile 13.2%

Details

Status published

Products (16)

linux/Kernel 2.6.34 - 6.1.159linux

linux/Kernel 6.13.0 - 6.17.11linux

linux/Kernel 6.2.0 - 6.6.119linux

linux/Kernel 6.7.0 - 6.12.61linux

Linux/Linux < 2.6.34

Linux/Linux 2.6.34

Linux/Linux 6.1.159 - 6.1.*

Linux/Linux 6.12.61 - 6.12.*

Linux/Linux 6.17.11 - 6.17.*

Linux/Linux 6.18

... and 6 more

Published Dec 16, 2025

Tracked Since Feb 18, 2026