CVE-2025-68767 — Linux vulnerability

30 documents7 sources

Severity

7.8HIGHOSV

No vector

EPSS

0.0%

top 88.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +11 more

Timeline

PublishedJan 13

Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that S_IFMT bits of inode->i_mode can become bogus when the S_IFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to [1], the permissions field was treated as reserved in Mac OS 8 and 9. According to [2], the reserved field was explicitly initialized with 0, and that field must remain 0 as long as reserved. Therefore, when the "mo…

Affected Packages16 packages

▶Linuxlinux/linux_kernel2.6.12 — 5.10.248+5

▶Debianlinux/linux_kernel< 5.10.249-1+3

▶Ubuntulinux/linux_kernel< 5.15.0-173.183

▶CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 — 6f768724aabd5b321c5b8f15acdca11e4781cf32+7

▶debiandebian/linux< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

OSV

linux-raspi vulnerabilities↗2026-04-01

▶

OSV

linux-intel-iot-realtime vulnerabilities↗2026-03-23

▶

OSV

linux-nvidia-tegra-igx vulnerabilities↗2026-03-23

▶

OSV

linux-realtime vulnerabilities↗2026-03-17

▶

OSV

linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities↗2026-03-17

▶

📋Vendor Advisories

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (FIPS) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2026-04-17

▶

Ubuntu

Linux kernel (NVIDIA) vulnerabilities↗2026-04-17

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68767 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶