-
CVE-2025-68251
- EPSS 0.03%
- Veröffentlicht 16.12.2025 14:32:17
- Zuletzt bearbeitet 18.12.2025 15:08:06
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved:
erofs: avoid infinite loops due to corrupted subpage compact indexes
Robert reported an infinite loop observed by two crafted images.
The root cause is that `clusterofs` can be larger than `lclustersize`
for !NONHEAD `lclusters` in corrupted subpage compact indexes, e.g.:
blocksize = lclustersize = 512 lcn = 6 clusterofs = 515
Move the corresponding check for full compress indexes to
`z_erofs_load_lcluster_from_disk()` to also cover subpage compact
compress indexes.
It also fixes the position of `m->type >= Z_EROFS_LCLUSTER_TYPE_MAX`
check, since it should be placed right after
`z_erofs_load_{compact,full}_lcluster()`.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
8675447a8794983f2b7e694b378112772c17635e
Version
8d2517aaeea3ab8651bb517bca8f3c8664d318ea
Status
affected
Version <
e13d315ae077bb7c3c6027cc292401bc0f4ec683
Version
8d2517aaeea3ab8651bb517bca8f3c8664d318ea
Status
affected
Version
3f691aa676f29586e83e6c032713554a290418c3
Status
affected
Version
22438a34d383ec2789eaf450728e38abc53051f8
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.8
Status
affected
Version <
6.8
Version
0
Status
unaffected
Version <=
6.17.*
Version
6.17.6
Status
unaffected
Version <=
*
Version
6.18
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.067 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|