CVE-2025-39880 — Incorrect Type Conversion or Cast in Linux
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 23
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
libceph: fix invalid accesses to ceph_connection_v1_info
There is a place where generic code in messenger.c is reading and
another place where it is writing to con->v1 union member without
checking that the union member is active (i.e. msgr1 is in use).
On 64-bit systems, con->v1.auth_retry overlaps with con->v2.out_iter,
so such a read is almost guaranteed to return a bogus value instead of
0 when msgr2 is in use. This ends …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5linux/linuxcd1a677cad994021b19665ed476aea63f5d54f31 — ea12ab684f8ae8a6da11a22c78d94a79e2163096+6
Also affects: Debian Linux 11.0
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-f84f-657f-x94w: In the Linux kernel, the following vulnerability has been resolved:
libceph: fix invalid accesses to ceph_connection_v1_info
There is a place where↗2025-09-23
OSV▶
CVE-2025-39880: In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to ceph_connection_v1_info There is a place where ge↗2025-09-23