CVE-2025-68237
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32_MAX but the "req.start" variable can go up to U64_MAX which means that the addition can still integer overflow. Use check_add_overflow() to fix this bug.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-68237
EUVD
EUVD-2025-203659
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an integer overflow issue in the Linux kernel's mtdchar driver related to read/write ioctl operations. Specifically, the variables 'req.start' and 'req.len' are 64-bit unsigned integers provided by the user. While 'req.len' is capped at a 32-bit maximum by masking its high bits, 'req.start' can still be as large as the maximum 64-bit value. When adding these two values, an integer overflow can occur, potentially leading to incorrect behavior. The fix involves using a function called check_add_overflow() to properly detect and prevent this overflow.

Impact Analysis

An integer overflow in kernel code can lead to unexpected behavior such as memory corruption, crashes, or security issues like privilege escalation or arbitrary code execution. Since this vulnerability occurs in the Linux kernel's mtdchar driver during read/write ioctl operations, it could potentially be exploited by a local user to cause system instability or escalate privileges.

Mitigation Strategies

Apply the patch or update to the fixed Linux kernel version that includes the fix for the integer overflow in mtdchar read/write ioctls. Specifically, ensure your kernel uses check_add_overflow() to prevent the integer overflow issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68237. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart