CVE-2025-68239
BaseFortify
Publication date: 2025-12-16
Last updated on: 2026-03-25
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's binfmt_misc component where a function called bm_register_write() opens an executable file with write access denied to prevent modification during execution. However, if an error happens, the file is closed without restoring write permissions, causing subsequent write operations on the file to fail. The fix involves properly restoring write access before closing the file.
How can this vulnerability impact me? :
The vulnerability can cause write operations on executable files to fail after an error occurs during file handling. This may lead to issues in modifying or updating executable files, potentially disrupting system operations or software updates that rely on writing to these files.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to a Linux kernel version that includes the fix for this vulnerability, which restores write access properly by calling exe_file_allow_write_access() before filp_close(). Until then, avoid relying on bm_register_write() for handling executable files to prevent write permission issues.