CVE-2025-68210 — Infinite Loop in Linux

16 documents7 sources

Severity

—N/A

No vector

EPSS

0.0%

top 90.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 16

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loop due to incomplete zstd-compressed data Currently, the decompression logic incorrectly spins if compressed data is truncated in crafted (deliberately corrupted) images.

Affected Packages5 packages

▶Linuxlinux/linux_kernel6.10.0 — 6.12.59+1

▶Debianlinux/linux_kernel< 6.12.63-1+1

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶CVEListV5linux/linux7c35de4df1056a5a1fb4de042197b8f5b1033b61 — 4d0e0bb1908acac5b27d30b45c450e8ead97eb00+3

▶debiandebian/linux< linux 6.17.9-1 (forky)

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Red Hat

kernel: erofs: avoid infinite loop due to incomplete zstd-compressed data↗2025-12-16

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68210 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶