| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2026011305-CVE-2025-68794-32db@gregkh> Date: Tue, 13 Jan 2026 16:29:20 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomap_adjust_read_range() assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case for erofs. This causes too many bytes to be skipped for uptodate blocks, which results in returning the incorrect position and length to read in. If all the blocks are uptodate, this underflows length and returns a position beyond the folio. Fix the calculation to also take into account the block offset when calculating how many bytes can be skipped for uptodate blocks. The Linux kernel CVE team has assigned CVE-2025-68794 to this issue. Affected and fixed versions =========================== Fixed in 6.6.120 with commit 82b60ffbb532d919959702768dca04c3c0500ae5 Fixed in 6.12.64 with commit 12053695c8ef5410e8cc6c9ed4c0db9cd9c82b3e Fixed in 6.18.3 with commit 142194fb21afe964d2d194cab1fc357cbf87e899 Fixed in 6.19-rc1 with commit 7aa6bc3e8766990824f66ca76c19596ce10daf3e Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-68794 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/iomap/buffered-io.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/82b60ffbb532d919959702768dca04c3c0500ae5 https://git.kernel.org/stable/c/12053695c8ef5410e8cc6c9ed4c0db9cd9c82b3e https://git.kernel.org/stable/c/142194fb21afe964d2d194cab1fc357cbf87e899 https://git.kernel.org/stable/c/7aa6bc3e8766990824f66ca76c19596ce10daf3e
Powered by blists - more mailing lists