CVE-2025-68764

Summary

In the Linux kernel, the following vulnerability has been resolved:

NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < a3dc6c40bcab1a888d5c0d134ccc0746b4c98929affected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < ba1495aefd22fcf0746a2a3025c95d766d7cde4daffected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < c09070b4def1b34e473a746c6a5331ccb80902c1affected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < dce10c59211e5cd763a62ea01e79b82a629811e3affected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < 612cc98698d667df804792f0c47d4e501e66da29affected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < 4b296944e632cf4c6a4cc8e2585c6451eae47b1baffected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < df9b003a2ecacc7218486fbb31fe008c93097d5faffected
LinuxLinuxf2aedb713c284429987dc66c7aaf38decfc8da2a < 8675c69816e4276b979ff475ee5fac4688f80125affected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.248 <= 5.10.*unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.160 <= 6.1.*unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.63 <= 6.12.*unaffected
LinuxLinux6.17.13 <= 6.17.*unaffected
LinuxLinux6.18.2 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References