CVE-2025-68350
Divide-by-Zero Vulnerability in Linux exFAT Causes System Crash
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a divide-by-zero error in the Linux kernel's exFAT file system code. In the function exfat_allocate_bitmap(), the variable max_ra_count can be zero, which turns the expression i % max_ra_count into a divide-by-zero operation and crashes the system. A max_ra_count of zero indicates that readahead is not used, and the code did not handle this case properly.
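The pattern described above, as an added user-space illustration that is not the kernel's code or the actual patch: a loop that starts a readahead batch every max_ra_count sectors, shown unguarded and with a zero check. The function names, the batch counting and the sample inputs are assumptions made for the example; only max_ra_count and the i % max_ra_count expression come from the description.

```c
#include <stdio.h>

/*
 * Hypothetical model of a bitmap-loading loop. Only max_ra_count and the
 * "i % max_ra_count" test are taken from the CVE description.
 */

/* Unguarded: the modulo traps (SIGFPE on x86) when max_ra_count == 0. */
unsigned int count_ra_batches_unguarded(unsigned int nr_sectors,
                                        unsigned int max_ra_count)
{
    unsigned int i, batches = 0;

    for (i = 0; i < nr_sectors; i++)
        if (i % max_ra_count == 0)  /* divide-by-zero when readahead is off */
            batches++;
    return batches;
}

/*
 * Guarded: zero means "readahead not used", so the modulo is never
 * evaluated in that case and no batch is started.
 */
unsigned int count_ra_batches_guarded(unsigned int nr_sectors,
                                      unsigned int max_ra_count)
{
    unsigned int i, batches = 0;

    for (i = 0; i < nr_sectors; i++)
        if (max_ra_count != 0 && i % max_ra_count == 0)
            batches++;
    return batches;
}

int main(void)
{
    /* Constructed inputs: 10 bitmap sectors, window of 4, then readahead off. */
    printf("window=4: %u batches\n", count_ra_batches_guarded(10, 4));
    printf("window=0: %u batches\n", count_ra_batches_guarded(10, 0));
    return 0;
}
```

The short-circuit `&&` is what keeps the modulo from being evaluated when the divisor is zero; the unguarded function is only safe to call with a non-zero window.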
How can this vulnerability impact me?
This vulnerability can cause a system crash due to a divide-by-zero error in the exFAT file system code. A crash can lead to denial of service, potentially causing data loss or system unavailability until the system is restarted or fixed.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that fixes the divide-by-zero error in exfat_allocate_bitmap() by updating the Linux kernel to a version that includes the fix for this vulnerability.