CVE-2025-68185

Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy to attack.

Anyway, it's easy to deal with - since xdrencodehyper() is just a call of putunalignedbe64(), we can put that under ->d_lock and be done with that.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68185.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed

6025f641a0e30afdc5aa62017397b1860ad9f677

Fixed

e6cafe71eb3b5579b245ba1bd528a181e77f3df1

Fixed

fa4daf7d11e45b72aad5d943a7ab991f869fff79

Fixed

504b3fb9948a9e96ebbabdee0d33966a8bab15cb

Fixed

eacfd08b26a062f1095b18719715bc82ad35312e

Fixed

40be5b9080114f18b0cea386db415b68a7273c1a

Fixed

f5e570eaab36a110c6ffda32b87c51170990c2d1

Fixed

a890a2e339b929dbd843328f9a92a1625404fe63

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68185.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.12

Fixed

5.4.302

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.247

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.197

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.159

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.117

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.58

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68185.json"