CVE-2025-68239

Summary

In the Linux kernel, the following vulnerability has been resolved:

binfmt_misc: restore write access before closing files opened by open_exec()

bm_register_write() opens an executable file using open_exec(), which internally calls do_open_execat() and denies write access on the file to avoid modification while it is being executed.

However, when an error occurs, bm_register_write() closes the file using filp_close() directly. This does not restore the write permission, which may cause subsequent write operations on the same file to fail.

Fix this by calling exe_file_allow_write_access() before filp_close() to restore the write permission properly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < 54274ff90488b6c0f595a6518faed3cf0bc966ebaffected
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < 480ac88431703f2adbb8e6b5bd73c3f3cf9f3d7faffected
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < fbab8c08e1a6dbaef81e22d672a7647553101d16affected
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < 6cce7bc7fac8471c832696720d9c8f2a976d9c54affected
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < e785f552ab04dbca01d31f0334f4561240b04459affected
LinuxLinuxe7850f4d844e0acfac7e570af611d89deade3146 < 90f601b497d76f40fa66795c3ecf625b6aced9fdaffected
LinuxLinux467a50d5db7deaf656e18a1f633be9ecd94b393aaffected
LinuxLinux4a8b4124ea4156ca52918b66c750a69c6d932aa5affected
LinuxLinux3fe116e33a855bbfdd32dc207e9be2a41e3ed3a6affected
LinuxLinuxc0e0ab60d0b15469e69db93215dad009999f5a5baffected
LinuxLinux5ab9464a2a3c538eedbb438f1802f2fd98d0953faffected
LinuxLinuxd28492be82e19fc69cc69975fc2052b37ef0c821affected
LinuxLinux4.9.262 < 4.10affected
LinuxLinux4.14.226 < 4.15affected
LinuxLinux4.19.181 < 4.20affected
LinuxLinux5.4.106 < 5.5affected
LinuxLinux5.10.24 < 5.11affected
LinuxLinux5.11.7 < 5.12affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.209 <= 5.15.*unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.17.9 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References