CVE-2025-68284

The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the connection secret or processing service tickets.

[ idryomov: changelog ]

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68284.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

285ea34fc876aa0a2c5e65d310c4a41269e2e5f2

Fixed

f22c55a20a2d9ffbbac57408d5d488cef8201e9d

Fixed

8dfcc56af28cffb8f25fb9be37b3acc61f2a3d09

Fixed

ccbccfba25e9aa395daaea156b5e7790910054c4

Fixed

5ef575834ca99f719d7573cdece9df2fe2b72424

Fixed

6920ff09bf911bc919cd7a6b7176fbdd1a6e6850

Fixed

7fce830ecd0a0256590ee37eb65a39cbad3d64fc

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68284.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.197

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.159

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.119

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.61

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.11

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68284.json"