cve 2025 68285

CVE-2025-68285 is a Linux kernel vulnerability in the Ceph client library (libceph) that addresses a use-after-free issue in the have_mon_and_osd_map function. The flaw involves a race condition that can cause the kernel to dereference already-freed map objects during a Ceph session open. Ceph is a distributed storage system, and libceph handles client communication with Ceph monitor and OSD maps. This fix prevents potential memory corruption and system instability. While the vulnerability is in the Linux kernel, it is relevant to Windows users running Ceph clients or virtualized environments that rely on Linux-based storage backends.