CVE-2025-68771

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the ocfs2 subsystem, specifically in the ocfs2 find victim chain() function. A kernel BUG occurs when the cl next free rec field within the allocation chain list is zero, triggering a condition that causes the kernel to panic. This happens because the code attempts to access a non-existent next free slot in the chain list. The issue is addressed by adding a check in ocfs2 claim suballoc bits() to verify if cl next free rec is zero or greater than cl count, and if so, logging an error instead of panicking the kernel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-457

Related Identifiers

BDU:2026-00747

CVE-2025-68771

ECHO-9C2A-9FD9-F212

MGASA-2026-0017

MGASA-2026-0018

OPENSUSE-SU-2026:20287-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0447-1

SUSE-SU-2026:0472-1

SUSE-SU-2026:0473-1

SUSE-SU-2026:0474-1

SUSE-SU-2026:0496-1

SUSE-SU-2026:0587-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20555-1

SUSE-SU-2026:20599-1

SUSE-SU-2026:20615-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8096-1

USN-8096-2

USN-8096-3

USN-8096-4

USN-8096-5

USN-8116-1

USN-8141-1

USN-8163-1

USN-8163-2

USN-8177-1

USN-8177-2

USN-8179-1

USN-8179-2

USN-8179-3

USN-8179-4

USN-8183-1

USN-8183-2

USN-8184-1

USN-8185-1

USN-8185-2

USN-8203-1

USN-8204-1

USN-8243-1

USN-8245-1

USN-8257-1

USN-8258-1

USN-8260-1

USN-8261-1

USN-8265-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-68771

Weakness Enumeration

Related Identifiers

Affected Products

References · 3128