CVE-2025-68369Linux vulnerability

23 documents7 sources
Severity
7.2HIGHOSV
No vector
EPSS
0.1%
top 83.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
LinuxLinux KernelDebian Linux+8 more
Timeline
PublishedDec 24
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the do_truncate() routine, causing the run_lock uninitialized error reported by syzbot. Prior to patch 4e8011ffec79, if the inode mode of $Extend was not set to a regular file, the do_truncate() routine would not be entered. Add the run_lock initialization when loading $Extend. syzbo

Affected Packages13 packages

Linuxlinux/linux_kernel5.16.06.1.160+5
Debianlinux/linux_kernel< 6.1.162-1+1
Ubuntulinux/linux_kernel< 6.17.0-19.19
CVEListV5linux/linux63eb6730ce0604d3eacf036c2f68ea70b068317c79c8a77b1782e2ace96d063be3c41ba540d1e20a+7
debiandebian/linux< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

9
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-realtime-6.17 vulnerabilities2026-03-23
OSV
linux-gcp-6.17, linux-realtime vulnerabilities2026-03-17

📋Vendor Advisories

12
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16
Ubuntu
Linux kernel (OEM) vulnerabilities2026-04-06

🕵️Threat Intelligence

1
Wiz
CVE-2025-68369 Impact, Exploitability, and Mitigation Steps | Wiz