Vulnerability Lookup

🛡️ CVE-2025-68796

⚪ Unknown ✅ No Known Exploit NVD

N/A

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reported: F2FS-fs (loop0): __update_extent_tree_range: extent len is zero, type: 0, extent [0, 0, 0], age [0, 0] ------------[ cut here ]------------ kernel BUG at fs/f2fs/extent_cache.c:678! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:__update_extent_tree_range+0x13bc/0x1500 fs/f2fs/extent_cache.c:678 Call Trace: f2fs_update_read_extent_cache_range+0x192/0x3e0 fs/f2fs/extent_cache.c:1085 f2fs_do_zero_range fs/f2fs/file.c:1657 [inline] f2fs_zero_range+0x10c1/0x1580 fs/f2fs/file.c:1737 f2fs_fallocate+0x583/0x990 fs/f2fs/file.c:2030 vfs_fallocate+0x669/0x7e0 fs/open.c:342 ioctl_preallocate fs/ioctl.c:289 [inline] file_ioctl+0x611/0x780 fs/ioctl.c:-1 do_vfs_ioctl+0xb33/0x1430 fs/ioctl.c:576 __do_sys_ioctl fs/ioctl.c:595 [inline] __se_sys_ioctl+0x82/0x170 fs/ioctl.c:583 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f07bc58eec9 In error path of f2fs_zero_range(), it may add a zero-sized extent into extent cache, it should be avoided.

Details

Severity Unknown

CVSS Score N/A

CVSS Vector N/A

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2026-01-13

Updated 2026-06-02

Modified 2026-04-16

Fix URL N/A

Affected Packages

Software	From version	Fixed in
kernel	6.13.0	6.18.3
unknown	—	—

References

WEB https://git.kernel.org/stable/c/4f244c64efe628d277b916f47071adf480eb8646

WEB https://git.kernel.org/stable/c/72c58a82e6fb7b327e8701f5786c70c3edc56188

WEB https://git.kernel.org/stable/c/7c37c79510329cd951a4dedf3f7bf7e2b18dccec

WEB https://git.kernel.org/stable/c/9c07bd262c13ca922adad6e7613d48505f97f548

WEB https://git.kernel.org/stable/c/bac23833220a1f8fe8dfab7e16efa20ff64d7589

WEB https://git.kernel.org/stable/c/e50b81c50fcbe63f50405bb40f262162ff32af88

WEB https://git.kernel.org/stable/c/efe3371001f50a2d6f746b50bdc6f9f26b2089ec

ADVISORY https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68796.json

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-68796

PACKAGE https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

🔗 NVD 🔗 Mitre

Similar Threats

Unknown ALSA-2023:2458
Unknown ALSA-2023:1703
Unknown ALSA-2023:1566
Unknown ALSA-2023:1470
Unknown ALSA-2023:0951

Vulnerability Monitoring

Stay informed about vulnerabilities in your stack

BotEraser monitors your WordPress installation and notifies you when software you use appears in our vulnerability database.

Set Up Free Alerts →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Stay informed about vulnerabilities in your stack

Company

Resources

Services

Trusted

Subscribe