CVE-2025-68737
Memory Protection Bypass in Linux Kernel arm64 pageattr Component
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's arm64 architecture where an error from the __change_memory_common function was not properly propagated. Specifically, when the security feature rodata=on requires memory regions to be set as read-only or execute-only, any failure in setting these protections on the linear map alias was being suppressed instead of causing an abort. This could lead to memory regions not being properly protected, potentially allowing unintended code execution or modification.
How can this vulnerability impact me? :
If the error in setting memory protections is suppressed, it could result in memory regions that are supposed to be read-only or execute-only remaining writable or executable. This can lead to security risks such as unauthorized code execution or modification of critical kernel memory, potentially compromising system integrity and security.