CVE-2025-68283

high

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUG_ON with bounds check for map->max_osd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map->max_osd. [ idryomov: drop BUG_ON in ceph_get_primary_affinity(), minor cosmetic edits ]

References

https://git.kernel.org/stable/c/ec3797f043756a94ea2d0f106022e14ac4946c02

https://git.kernel.org/stable/c/e67e3be690f5f7e3b031cf29e8d91e6d02a8e30d

https://git.kernel.org/stable/c/becc488a4d864db338ebd4e313aa3c77da24b604

https://git.kernel.org/stable/c/b4368b7f97014e1015445d61abd0b27c4c6e8424

https://git.kernel.org/stable/c/57f5fbae9f1024aba17ff75e00433324115c548a

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018