CVE-2025-68784

Summary

In the Linux kernel, the following vulnerability has been resolved:

xfs: fix a UAF problem in xattr repair

The xchk_setup_xattr_buf function can allocate a new value buffer, which means that any reference to ab->value before the call could become a dangling pointer. Fix this by moving an assignment to after the buffer setup.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe47dcf113ae348678143cc935a1183059c02c9ad < 1e2d3aa19c7962b9474b22893160cb460494c45faffected
LinuxLinuxe47dcf113ae348678143cc935a1183059c02c9ad < d29ed9ff972afe17c215cab171761d7a15d7063faffected
LinuxLinuxe47dcf113ae348678143cc935a1183059c02c9ad < 5990fd756943836978ad184aac980e2b36ab7e01affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.12.64 <= 6.12.*unaffected
LinuxLinux6.18.3 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References