CVE-2025-68239
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
binfmt_misc: restore write access before closing files opened by open_exec()
bm_register_write() opens an executable file using open_exec(), which internally calls do_open_execat() and denies write access on the file to avoid modification while it is being executed.
However, when an error occurs, bm_register_write() closes the file using filp_close() directly. This does not restore the write permission, which may cause subsequent write operations on the same file to fail.
Fix this by calling exe_file_allow_write_access() before filp_close() to restore the write permission properly.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < 54274ff90488b6c0f595a6518faed3cf0bc966eb | affected |
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < 480ac88431703f2adbb8e6b5bd73c3f3cf9f3d7f | affected |
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < fbab8c08e1a6dbaef81e22d672a7647553101d16 | affected |
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < 6cce7bc7fac8471c832696720d9c8f2a976d9c54 | affected |
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < e785f552ab04dbca01d31f0334f4561240b04459 | affected |
| Linux | Linux | e7850f4d844e0acfac7e570af611d89deade3146 < 90f601b497d76f40fa66795c3ecf625b6aced9fd | affected |
| Linux | Linux | 467a50d5db7deaf656e18a1f633be9ecd94b393a | affected |
| Linux | Linux | 4a8b4124ea4156ca52918b66c750a69c6d932aa5 | affected |
| Linux | Linux | 3fe116e33a855bbfdd32dc207e9be2a41e3ed3a6 | affected |
| Linux | Linux | c0e0ab60d0b15469e69db93215dad009999f5a5b | affected |
| Linux | Linux | 5ab9464a2a3c538eedbb438f1802f2fd98d0953f | affected |
| Linux | Linux | d28492be82e19fc69cc69975fc2052b37ef0c821 | affected |
| Linux | Linux | 4.9.262 < 4.10 | affected |
| Linux | Linux | 4.14.226 < 4.15 | affected |
| Linux | Linux | 4.19.181 < 4.20 | affected |
| Linux | Linux | 5.4.106 < 5.5 | affected |
| Linux | Linux | 5.10.24 < 5.11 | affected |
| Linux | Linux | 5.11.7 < 5.12 | affected |
| Linux | Linux | 5.12 | affected |
| Linux | Linux | 0 < 5.12 | unaffected |
| Linux | Linux | 5.15.209 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.167 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.130 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.78 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.9 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/54274ff90488b6c0f595a6518faed3cf0bc966eb
- https://git.kernel.org/stable/c/480ac88431703f2adbb8e6b5bd73c3f3cf9f3d7f
- https://git.kernel.org/stable/c/fbab8c08e1a6dbaef81e22d672a7647553101d16
- https://git.kernel.org/stable/c/6cce7bc7fac8471c832696720d9c8f2a976d9c54
- https://git.kernel.org/stable/c/e785f552ab04dbca01d31f0334f4561240b04459
- https://git.kernel.org/stable/c/90f601b497d76f40fa66795c3ecf625b6aced9fd
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.