-

CVE-2025-68733

EPSS 0.07%
Veröffentlicht 24.12.2025 10:33:15
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

smack: fix bug: unprivileged task can create labels

In the Linux kernel, the following vulnerability has been resolved:

smack: fix bug: unprivileged task can create labels

If an unprivileged task is allowed to relabel itself
(/smack/relabel-self is not empty),
it can freely create new labels by writing their
names into own /proc/PID/attr/smack/current

This occurs because do_setattr() imports
the provided label in advance,
before checking "relabel-self" list.

This change ensures that the "relabel-self" list
is checked before importing the label.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 12

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < c80173233014a360c13fa5cc79d36bfe6e53a8ed

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < 6b1e45e13546c9ea0b1d99097993ac0aafae90b1

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < 4a7a7621619a366712fb9cefcb6e69f956c247ce

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < f8fd5491100f920847a3338d5fba22db19c72773

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < ac9fce2efabad37c338aac86fbe100f77a080e59

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < 64aa81250171b6bb6803e97ea7a5d73bfa061f6e

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < 60e8d49989410a7ade60f5dadfcd979c117d05c0

Status affected

Version 38416e53936ecf896948fdeffc36b76979117952

Version < c147e13ea7fe9f118f8c9ba5e96cbd644b00d6b3

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.4

Status affected

Version 0

Version < 4.4

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.63

Status unaffected

Version <= 6.17.*

Version 6.17.13

Status unaffected

Version <= 6.18.*

Version 6.18.2

Status unaffected

Version <= *

Version 6.19

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.208

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/ac9fce2efabad37c338aac86fbe100f77a080e59

https://git.kernel.org/stable/c/64aa81250171b6bb6803e97ea7a5d73bfa061f6e

https://git.kernel.org/stable/c/60e8d49989410a7ade60f5dadfcd979c117d05c0

https://git.kernel.org/stable/c/c147e13ea7fe9f118f8c9ba5e96cbd644b00d6b3

https://git.kernel.org/stable/c/4a7a7621619a366712fb9cefcb6e69f956c247ce

https://git.kernel.org/stable/c/f8fd5491100f920847a3338d5fba22db19c72773

https://git.kernel.org/stable/c/6b1e45e13546c9ea0b1d99097993ac0aafae90b1

https://git.kernel.org/stable/c/c80173233014a360c13fa5cc79d36bfe6e53a8ed

https://nvd.nist.gov/vuln/detail/CVE-2025-68733

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68733

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68733

EUVD