CVE-2025-68212
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmount_string() In statmount_string(), most flags assign an output offset pointer (offp) which is later updated with the string offset. However, the STATMOUNT_MNT_UIDMAP and STATMOUNT_MNT_GIDMAP cases directly set the struct fields instead of using offp. This leaves offp uninitialized, leading to a possible uninitialized dereference when *offp is updated. Fix it by assigning offp for UIDMAP and GIDMAP as well, keeping the code path consistent.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-68212
EUVD
EUVD-2025-203684
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's statmount_string() function. It occurs because the 'offp' pointer, which is supposed to be initialized and updated with string offsets, remains uninitialized in certain cases (STATMOUNT_MNT_UIDMAP and STATMOUNT_MNT_GIDMAP). This can lead to an uninitialized pointer dereference when the code attempts to update *offp. The fix involved properly assigning 'offp' in these cases to maintain consistent code behavior.

Impact Analysis

The vulnerability can cause an uninitialized pointer dereference in the Linux kernel, which may lead to undefined behavior such as system crashes or kernel panics. This can affect system stability and reliability.

Mitigation Strategies

Apply the patch or update to the fixed version of the Linux kernel that resolves the uninitialized 'offp' issue in statmount_string(). This ensures the vulnerability is addressed by initializing 'offp' properly for UIDMAP and GIDMAP cases.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68212. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart