Linux Kernel Vulnerability in AFS Anonymous Key Allocation
CVE-2025-68299
What is CVE-2025-68299?
A vulnerability in the Linux kernel regarding the Allocation of a cell's anonymous key leads to potential application crashes. When parsing the device name during the mounting process, the key lookup mechanism can encounter failures if the anonymous authentication key isn't properly allocated. This flaw can trigger 'oops' events due to a race condition during concurrent accesses. The issue arises from the integration of DNS lookups with background threads. Recent fixes have been implemented to enhance handling of key references and ensure keys are allocated on-demand, preventing multiple allocations for the same cell. This mitigates the risk of crashes but calls for further examination to improve caching mechanisms for lookup failures in the future.
Affected Version(s)
Linux 7e33b15d5a6578a99ebf189cea34983270ae92dd < 5613bde937dfac6725e9c3fc766b9d6b8481e55b
Linux 330e2c514823008b22e6afd2055715bc46dd8d55
Linux 6.17.9 < 6.17.11