PT-2025-51688 · Libceph+4 · Libceph+4

Published

2025-11-27

·

Updated

2026-05-22

·

CVE-2025-68284

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw within the libceph component, specifically in the handle auth session key() function. This issue could lead to potential out-of-bounds writes due to insufficient boundary checks on the len field, which originates from untrusted network packets. The lack of proper validation when decrypting connection secrets or processing service tickets could allow for exploitation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

CWE-787

Related Identifiers

AZL-72637
BDU:2026-01323
CVE-2025-68284
ECHO-4B05-E6EF-9FCF
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0447-1
SUSE-SU-2026:0471-1
SUSE-SU-2026:0472-1
SUSE-SU-2026:0474-1
SUSE-SU-2026:0496-1
SUSE-SU-2026:0587-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:0939-1
SUSE-SU-2026:0940-1
SUSE-SU-2026:0941-1
SUSE-SU-2026:0943-1
SUSE-SU-2026:0944-1
SUSE-SU-2026:0945-1
SUSE-SU-2026:0946-1
SUSE-SU-2026:0951-1
SUSE-SU-2026:0983-1
SUSE-SU-2026:0985-1
SUSE-SU-2026:0992-1
SUSE-SU-2026:0997-1
SUSE-SU-2026:1000-1
SUSE-SU-2026:1002-1
SUSE-SU-2026:1039-1
SUSE-SU-2026:1046-1
SUSE-SU-2026:1048-1
SUSE-SU-2026:1049-1
SUSE-SU-2026:1059-1
SUSE-SU-2026:1073-1
SUSE-SU-2026:1083-1
SUSE-SU-2026:1089-1
SUSE-SU-2026:1096-1
SUSE-SU-2026:1099-1
SUSE-SU-2026:1100-1
SUSE-SU-2026:1101-1
SUSE-SU-2026:1102-1
SUSE-SU-2026:1125-1
SUSE-SU-2026:1132-1
SUSE-SU-2026:1136-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20828-1
SUSE-SU-2026:20829-1
SUSE-SU-2026:20831-1
SUSE-SU-2026:20832-1
SUSE-SU-2026:20837-1
SUSE-SU-2026:20840-1
SUSE-SU-2026:20841-1
SUSE-SU-2026:20842-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20853-1
SUSE-SU-2026:20854-1
SUSE-SU-2026:20855-1
SUSE-SU-2026:20856-1
SUSE-SU-2026:20862-1
SUSE-SU-2026:20863-1
SUSE-SU-2026:20864-1
SUSE-SU-2026:20865-1
SUSE-SU-2026:20866-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:20885-1
SUSE-SU-2026:20886-1
SUSE-SU-2026:20887-1
SUSE-SU-2026:20888-1
SUSE-SU-2026:20889-1
SUSE-SU-2026:20897-1
SUSE-SU-2026:20898-1
SUSE-SU-2026:20899-1
SUSE-SU-2026:20900-1
SUSE-SU-2026:20944-1
SUSE-SU-2026:20945-1
SUSE-SU-2026:20946-1
SUSE-SU-2026:20947-1
USN-8094-1
USN-8094-2
USN-8094-3
USN-8094-4
USN-8094-5
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8152-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu
Libceph