CVE-2025-68251 — Infinite Loop in Linux
Severity
5.5MEDIUM
No vectorEPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 16
Latest updateFeb 24
Description
In the Linux kernel, the following vulnerability has been resolved:
erofs: avoid infinite loops due to corrupted subpage compact indexes
Robert reported an infinite loop observed by two crafted images.
The root cause is that `clusterofs` can be larger than `lclustersize`
for !NONHEAD `lclusters` in corrupted subpage compact indexes, e.g.:
blocksize = lclustersize = 512 lcn = 6 clusterofs = 515
Move the corresponding check for full compress indexes to
`z_erofs_load_lcluster_from_disk()` to a…
Affected Packages5 packages
▶CVEListV5linux/linux8d2517aaeea3ab8651bb517bca8f3c8664d318ea — 8675447a8794983f2b7e694b378112772c17635e+4
🔴Vulnerability Details
8📋Vendor Advisories
6Red Hat
▶