VYPR
Unrated severity · NVD Advisory · Published Dec 24, 2025 · Updated Apr 15, 2026

CVE-2025-68364

Description

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()

In '__ocfs2_move_extent()', relax 'BUG()' to 'ocfs2_error()' just to avoid crashing the whole kernel due to a filesystem corruption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's ocfs2 filesystem, a BUG() in __ocfs2_move_extent() is replaced with ocfs2_error() to prevent a kernel crash from filesystem corruption.

Vulnerability Analysis

In the Linux kernel's ocfs2 (Oracle Cluster File System) filesystem, the function __ocfs2_move_extent() previously contained a BUG() macro that would trigger a kernel panic when encountering certain filesystem corruption states. The fix for this vulnerability, identified as CVE-2025-68364, addresses the overly aggressive crash behavior by relaxing the BUG() to an ocfs2_error() call, which logs the error and returns an appropriate error code without crashing the entire system [1][2][3].

The root cause is that the BUG() invocation was designed to catch an internal inconsistency, but in practice it could be triggered by a corrupted on-disk filesystem image or by an attacker with the ability to manipulate the filesystem metadata. By converting this to a graceful error handling path, the kernel avoids a denial-of-service condition that would otherwise result in a system crash.

Exploitation of this vulnerability would require either local access to mount a maliciously crafted ocfs2 filesystem or the ability to corrupt the filesystem metadata through other means. The attack surface is limited to systems using the ocfs2 filesystem, which is primarily used in cluster environments. No authentication is needed beyond the ability to trigger the filesystem operation that reaches the vulnerable code path.

The impact is a denial-of-service condition: an unprivileged user or a corrupted filesystem could cause a kernel panic, crashing the entire system. The fix, which has been applied to the stable kernel tree, replaces the crash with a filesystem-level error that allows the system to continue operating, albeit with the affected filesystem operation failing. Users are advised to apply the kernel update containing this commit to mitigate the issue.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0 (No patches discovered yet.)

References: 8
