CVE-2025-68239

EPSS 0.03%
Veröffentlicht 16.12.2025 14:21:16
Zuletzt bearbeitet 18.12.2025 15:08:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

binfmt_misc: restore write access before closing files opened by open_exec()

bm_register_write() opens an executable file using open_exec(), which
internally calls do_open_execat() and denies write access on the file to
avoid modification while it is being executed.

However, when an error occurs, bm_register_write() closes the file using
filp_close() directly. This does not restore the write permission, which
may cause subsequent write operations on the same file to fail.

Fix this by calling exe_file_allow_write_access() before filp_close() to
restore the write permission properly.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < e785f552ab04dbca01d31f0334f4561240b04459

Version e7850f4d844e0acfac7e570af611d89deade3146

Status affected

Version < 90f601b497d76f40fa66795c3ecf625b6aced9fd

Version e7850f4d844e0acfac7e570af611d89deade3146

Status affected

Version 467a50d5db7deaf656e18a1f633be9ecd94b393a

Status affected

Version 4a8b4124ea4156ca52918b66c750a69c6d932aa5

Status affected

Version 3fe116e33a855bbfdd32dc207e9be2a41e3ed3a6

Status affected

Version c0e0ab60d0b15469e69db93215dad009999f5a5b

Status affected

Version 5ab9464a2a3c538eedbb438f1802f2fd98d0953f

Status affected

Version d28492be82e19fc69cc69975fc2052b37ef0c821

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.12

Status affected

Version < 5.12

Version 0

Status unaffected

Version <= 6.17.*

Version 6.17.9

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/e785f552ab04dbca01d31f0334f4561240b04459

https://git.kernel.org/stable/c/90f601b497d76f40fa66795c3ecf625b6aced9fd

https://nvd.nist.gov/vuln/detail/CVE-2025-68239

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68239

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68239

EUVD