Out-of-Bounds Write Vulnerability in Linux Kernel's libceph Component
CVE-2025-68284

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-68284?

The Linux kernel's libceph component has a vulnerability that could lead to out-of-bounds writes when handling untrusted network packets. This issue arises during the processing of authentication session keys, where inadequate boundary checks can result in unsafe writes and potential exploitation scenarios. In response, developers have implemented robust checks to secure the decryption of connection secrets and the management of service tickets, thereby enhancing the overall security posture of the affected component.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8dfcc56af28cffb8f25fb9be37b3acc61f2a3d09

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/f22c55a20a2d9ffbbac57408d...

https://git.kernel.org/stable/c/8dfcc56af28cffb8f25fb9be3...

https://git.kernel.org/stable/c/ccbccfba25e9aa395daaea156...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Dec 16, 2025

JSON