VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Apr 15, 2026

CVE-2025-68794

CVE-2025-68794

Description

In the Linux kernel, the following vulnerability has been resolved:

iomap: adjust read range correctly for non-block-aligned positions

iomap_adjust_read_range() assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case for erofs. This causes too many bytes to be skipped for uptodate blocks, which results in returning the incorrect position and length to read in. If all the blocks are uptodate, this underflows length and returns a position beyond the folio.

Fix the calculation to also take into account the block offset when calculating how many bytes can be skipped for uptodate blocks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In iomap_adjust_read_range() in the Linux kernel, a fix for non-block-aligned positions prevents incorrect read range calculations that could lead to underflow or reading beyond a folio.

Vulnerability

Analysis

The Linux kernel's iomap subsystem provides iomap_adjust_read_range(), a function used to adjust the byte range for read operations on filesystems. The function incorrectly assumes that the starting position and length passed to it are always block-aligned. As reported for the erofs filesystem erofs, this assumption is not valid, leading to an error where too many bytes are skipped for already up-to-date blocks. Consequently, the function can return an incorrect position and length for subsequent reads, and when all blocks in the folio are up-to-date, the length can underflow and the returned position can exceed the folio boundary [1].

Exploitation

This vulnerability can be triggered by performing read operations on filesystem images or volumes that use non-block-aligned offsets and lengths, as demonstrated by the syzbot-generated case for erofs. Exploitation requires the ability to issue specific read I/O requests, likely from user space on a system that mounts a crafted filesystem image. The attacker does not need direct physical access but may need to trigger read paths in the kernel that rely on iomap for block mapping [1].

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.