Main Vulnerability Database SB20260113113

SB20260113113 - Integer underflow in Linux kernel iomap

Published: January 13, 2026

Security Bulletin ID SB20260113113

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Integer underflow (CVE-ID: CVE-2025-68794)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the iomap_adjust_read_range() function in fs/iomap/buffered-io.c. A local user can execute arbitrary code.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/12053695c8ef5410e8cc6c9ed4c0db9cd9c82b3e
https://git.kernel.org/stable/c/142194fb21afe964d2d194cab1fc357cbf87e899
https://git.kernel.org/stable/c/7aa6bc3e8766990824f66ca76c19596ce10daf3e
https://git.kernel.org/stable/c/82b60ffbb532d919959702768dca04c3c0500ae5