CVE-2025-68283

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the libceph component. Specifically, the code previously used BUG ON which has been replaced with bounds checking for map->max osd. OSD indexes originate from network packets that are considered untrusted. The addition of boundary checks validates these indexes against map->max osd. This change addresses a potential issue where out-of-bounds access could occur due to improperly validated OSD indexes received from the network. The vulnerable code is related to the ceph get primary affinity() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

AZL-72610

CVE-2025-68283

ECHO-F3E0-5FB9-1342

MGASA-2026-0017

MGASA-2026-0018

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1078-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8094-1

USN-8094-2

USN-8094-3

USN-8094-4

USN-8094-5

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8152-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

Libceph

CVE-2025-68283

Related Identifiers

Affected Products

References · 3115