CVE-2025-68767
BaseFortify
Publication date: 2026-01-13
Last updated on: 2026-01-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's handling of the HFS+ filesystem. Specifically, the S_IFMT bits of the inode's i_mode field can become corrupted when loading from disk, leading to bogus mode bits. This happens because the permissions field, which was reserved and initialized to zero in older Mac OS versions, can become non-zero and cause incorrect file type interpretation. The fix ensures that when the mode field is not zero, the file type must be consistent with whether it is a directory or not, preventing corrupted or invalid inode modes.
How can this vulnerability impact me? :
This vulnerability can lead to incorrect interpretation of file types in the HFS+ filesystem on Linux, potentially causing the system to misidentify files or directories. This could result in improper file handling, security issues, or system instability due to corrupted inode mode bits.