CVE-2025-68284
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-68284, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the connection secret or processing service tickets. [ idryomov: changelog ]

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-07-06
AI Q&A
2025-12-16
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's libceph component involves potential out-of-bounds writes in the handle_auth_session_key() function. The issue arises because the 'len' field, which is used during decryption of connection secrets or processing service tickets, comes from untrusted network packets. Without proper boundary checks, this can lead to writing data outside the intended memory area, which has now been fixed by adding boundary checks.

Impact Analysis

The vulnerability could allow an attacker to cause out-of-bounds memory writes, potentially leading to memory corruption, crashes, or execution of arbitrary code within the Linux kernel environment. This can compromise system stability and security.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68284. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart