Home

Description

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that `clusterofs` can be larger than `lclustersize` for !NONHEAD `lclusters` in corrupted subpage compact indexes, e.g.: blocksize = lclustersize = 512 lcn = 6 clusterofs = 515 Move the corresponding check for full compress indexes to `z_erofs_load_lcluster_from_disk()` to also cover subpage compact compress indexes. It also fixes the position of `m->type >= Z_EROFS_LCLUSTER_TYPE_MAX` check, since it should be placed right after `z_erofs_load_{compact,full}_lcluster()`.

PUBLISHED Reserved 2025-12-16 | Published 2025-12-16 | Updated 2025-12-16 | Assigner Linux

Product status

Default status
unaffected

8d2517aaeea3ab8651bb517bca8f3c8664d318ea (git) before 8675447a8794983f2b7e694b378112772c17635e
affected

8d2517aaeea3ab8651bb517bca8f3c8664d318ea (git) before e13d315ae077bb7c3c6027cc292401bc0f4ec683
affected

3f691aa676f29586e83e6c032713554a290418c3 (git)
affected

22438a34d383ec2789eaf450728e38abc53051f8 (git)
affected

Default status
affected

6.8
affected

Any version before 6.8
unaffected

6.17.6 (semver)
unaffected

6.18 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/8675447a8794983f2b7e694b378112772c17635e

git.kernel.org/...c/e13d315ae077bb7c3c6027cc292401bc0f4ec683

cve.org (CVE-2025-68251)

nvd.nist.gov (CVE-2025-68251)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.