Buffer Overflow Risk in StarFive Hash Digest Handling for Linux Kernel
CVE-2025-68763
What is CVE-2025-68763?
A vulnerability in the Linux kernel's StarFive hash digest function stems from improper handling of return values. When the sg_nents_for_len function returns a negative error code, the value is assigned to an unsigned long, where it becomes a large positive integer. This oversight is a potential gateway for buffer overflow attacks; the fix adds error checking that terminates the operation immediately on failure.
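
The conversion described above, shown as an added example that is not the kernel's or the StarFive driver's code. It is a user-space C model: `struct seg`, `model_nents_for_len`, `nents_unchecked` and `nents_checked` are hypothetical names, and the sample segments are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space stand-in for a scatterlist entry (assumption). */
struct seg { size_t length; };

/* Model of sg_nents_for_len(): entries needed for len bytes, else -EINVAL. */
static int model_nents_for_len(const struct seg *sg, int count, uint64_t len)
{
    uint64_t total = 0;
    if (!len)
        return 0;
    for (int i = 0; i < count; i++) {
        total += sg[i].length;
        if (total >= len)
            return i + 1;
    }
    return -EINVAL;
}

/* Flawed pattern: the int result lands in an unsigned long, so a negative
 * error code turns into a huge entry count and no error is reported. */
static unsigned long nents_unchecked(const struct seg *sg, int count, uint64_t len)
{
    unsigned long nents = model_nents_for_len(sg, count, len);
    return nents;
}

/* Hardened pattern: keep the result signed and stop at once on failure. */
static int nents_checked(const struct seg *sg, int count, uint64_t len,
                         unsigned long *out)
{
    int ret = model_nents_for_len(sg, count, len);
    if (ret < 0)
        return ret;
    *out = (unsigned long)ret;
    return 0;
}

/* Constructed sample: two 16-byte segments, 32 bytes in total. */
static const struct seg sample[] = { { 16 }, { 16 } };

int main(void)
{
    unsigned long n = 0;
    printf("unchecked: %lu entries\n", nents_unchecked(sample, 2, 64));
    printf("checked:   %d\n", nents_checked(sample, 2, 64, &n));
    return 0;
}
```

Any code that sizes a loop or a descriptor array from the unchecked count would run far past the real list, which is why the signed check has to come before the value is used.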

Affected Version(s)
Linux 7883d1b28a2b0e62edcacea22de6b36a1918b15a < 6cd14414394b4f3d6e1ed64b8241d1fcc2271820
Linux 7883d1b28a2b0e62edcacea22de6b36a1918b15a < 0c3854d65cc4402cb8c52d4d773450a06efecab6
Linux 7883d1b28a2b0e62edcacea22de6b36a1918b15a < 1af5c973dd744e29fa22121f43e8646b7a7a71a7