PT-2025-39137 · Linux+4 · Linux Kernel+4
Published
2025-07-03
·
Updated
2026-05-26
·
CVE-2025-39880
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains an issue within the libceph component related to invalid accesses to
ceph connection v1 info. Specifically, generic code in messenger.c reads and writes to the con->v1 union member without verifying its active status. On 64-bit systems, con->v1.auth retry overlaps with con->v2.out iter, potentially leading to incorrect values. Additionally, con->v1.connect seq overlaps with con->v2.conn bufs, and writing to this location could have more severe consequences. The issue arises from improper handling of the con->v1 and con->v2 structures within the Ceph connection object.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Incorrect Type Conversion or Cast
RCE
Improper Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Ceph
Linuxmint
Linux Kernel
Ubuntu