CVE-2025-68283

Dec. 18, 2025, 3:08 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUG_ON with bounds check for map->max_osd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map->max_osd. [ idryomov: drop BUG_ON in ceph_get_primary_affinity(), minor cosmetic edits ]

Product(s) Impacted

Product Versions

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/57f5fbae9f1024aba17ff75e00433324115c548a
https://git.kernel.org/stable/c/b4368b7f97014e1015445d61abd0b27c4c6e8424
https://git.kernel.org/stable/c/becc488a4d864db338ebd4e313aa3c77da24b604
https://git.kernel.org/stable/c/e67e3be690f5f7e3b031cf29e8d91e6d02a8e30d
https://git.kernel.org/stable/c/ec3797f043756a94ea2d0f106022e14ac4946c02

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-16
CVE-2025-68283

Timeline

Published: Dec. 16, 2025, 4:16 p.m.
Last Modified: Dec. 18, 2025, 3:08 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.