Linux Kernel Vulnerability in libceph Affects System Integrity
CVE-2025-39880

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
23 September 2025

What is CVE-2025-39880?

A vulnerability in the Linux kernel's libceph component involves improper handling of union member accesses in the messenger.c code. The issue arises when generic code attempts to read from and write to the con->v1 union member without verifying its active status, especially on 64-bit systems. This oversight can lead to potentially invalid values being read, particularly with the con->v1.auth_retry and con->v2.out_iter overlapping, which may lead to benign yet disruptive effects like the invalidation of authorizer tickets. More critically, writes to overlapping memory locations, such as con->v1.connect_seq with con->v2.conn_bufs, could cause serious operational issues, although these scenarios are infrequent.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux cd1a677cad994021b19665ed476aea63f5d54f31

Linux cd1a677cad994021b19665ed476aea63f5d54f31 < 591ea9c30737663a471b2bb07b27ddde86b020d5

Linux cd1a677cad994021b19665ed476aea63f5d54f31 < 23538cfbeed87159a5ac6c61e7a6de3d8d4486a8

References

https://git.kernel.org/stable/c/ea12ab684f8ae8a6da11a22c7...
https://git.kernel.org/stable/c/591ea9c30737663a471b2bb07...
https://git.kernel.org/stable/c/23538cfbeed87159a5ac6c61e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.