CVE-2025-68349
CVE-2025-68349 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (7th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-205105
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid Fixes a crash when layout is null during this call stack: write_inode -> nfs4_write_inode -> pnfs_layoutcommit_inode pnfs_set_layoutcommit relies on the lseg refcount to keep the layout around. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt to reference a null layout.
Frequently asked questions
- What is CVE-2025-68349?
- In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid Fixes a crash when layout is null during this call stack: write_inode -> nfs4_write_inode -> pnfs_layoutcommit_inode pnfs_set_layoutcommit relies on the lseg refcount to keep the layout around. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt to reference a null layout.
- Is CVE-2025-68349 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (7th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-68349?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-68349 have an EU (EUVD) identifier?
- Yes. CVE-2025-68349 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-205105.
- When was CVE-2025-68349 published?
- CVE-2025-68349 was published on 2025-12-24 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/084bebe82ad86f718a3af84f34761863e63164ed
- https://git.kernel.org/stable/c/104080582ae0aa6dce6c6d75ff89062efe84673b
- https://git.kernel.org/stable/c/38694f9aae00459ab443a7dc8b3949a6b33b560a
- https://git.kernel.org/stable/c/59947dff0fb7c19c09ce6dccbcd253fd542b6c25
- https://git.kernel.org/stable/c/b6e4e3a08c03200cc4b8067ec8ab3172a989d6fc
- https://git.kernel.org/stable/c/ca2e7fdad7c683b64821c94a58b9b68733214dad
- https://git.kernel.org/stable/c/e0f8058f2cb56de0b7572f51cd563ca5debce746
- https://git.kernel.org/stable/c/f718f9ea6094843b8c059b073af49ad61e9f49bb