CVE-2025-68239

Source
https://cve.org/CVERecord?id=CVE-2025-68239
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68239.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68239
Published
2025-12-16T14:21:16.889Z
Modified
2026-03-23T05:10:20.336212541Z
Summary
binfmt_misc: restore write access before closing files opened by open_exec()
Details

In the Linux kernel, the following vulnerability has been resolved:

binfmt_misc: restore write access before closing files opened by open_exec()

bm_register_write() opens an executable file using open_exec(), which internally calls do_open_execat() and denies write access on the file to avoid modification while it is being executed.

However, when an error occurs, bm_register_write() closes the file using filp_close() directly. This does not restore the write permission, which may cause subsequent write operations on the same file to fail.

Fix this by calling exe_file_allow_write_access() before filp_close() to restore the write permission properly.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68239.json"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7850f4d844e0acfac7e570af611d89deade3146
Fixed
e785f552ab04dbca01d31f0334f4561240b04459
Fixed
90f601b497d76f40fa66795c3ecf625b6aced9fd
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
467a50d5db7deaf656e18a1f633be9ecd94b393a
Last affected
4a8b4124ea4156ca52918b66c750a69c6d932aa5
Last affected
3fe116e33a855bbfdd32dc207e9be2a41e3ed3a6
Last affected
c0e0ab60d0b15469e69db93215dad009999f5a5b
Last affected
5ab9464a2a3c538eedbb438f1802f2fd98d0953f
Last affected
d28492be82e19fc69cc69975fc2052b37ef0c821

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68239.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
6.17.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68239.json"