Use-After-Free Vulnerability in Ceph Library for Linux Kernel
CVE-2025-68285

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68285?

A use-after-free vulnerability exists in the Ceph library of the Linux kernel, which can lead to potential system instability and security risks. The issue arises in the wait loop within __ceph_open_session(), where a race condition can occur when the client receives a new monmap or osdmap just after an initial map has been handled. This can cause dereferencing of already freed memory, leading to undefined behavior. The vulnerability can be triggered during specific workloads, such as mounting Ceph filesystems. Proper locking mechanisms and condition checks are needed to ensure safe access to these maps and avoid the risk of exploiting this flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 6822d00b5462e7a9dfa11dcc60cc25823a2107c5

Linux 6822d00b5462e7a9dfa11dcc60cc25823a2107c5 < 05ec43e9a9de67132dc8cd3b22afef001574947f

Linux 6822d00b5462e7a9dfa11dcc60cc25823a2107c5 < 7c8ccdc1714d9fabecd26e1be7db1771061acc6e

References

https://git.kernel.org/stable/c/bb4910c5fd436701faf367e1b...
https://git.kernel.org/stable/c/05ec43e9a9de67132dc8cd3b2...
https://git.kernel.org/stable/c/7c8ccdc1714d9fabecd26e1be...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.