CVE-2025-68266
- Source
- https://cve.org/CVERecord?id=CVE-2025-68266
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68266.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-68266
- Downstream
- Published
- 2025-12-16T14:47:06.240Z
- Modified
- 2026-03-13T04:05:31.370352Z
- Summary
- bfs: Reconstruct file type when loading from disk
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bfs: Reconstruct file type when loading from disk
syzbot is reporting that SIFMT bits of inode->imode can become bogus when the S_IFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes" field loaded from disk are corrupted.
A documentation says that BFS uses only lower 9 bits of the "mode" field. But I can't find an explicit explanation that the unused upper 23 bits (especially, the S_IFMT bits) are initialized with 0.
Therefore, ignore the SIFMT bits of the "mode" field loaded from disk. Also, verify that the value of the "attributes" field loaded from disk is either BFSVREG or BFS_VDIR (because BFS supports only regular files and the root directory).
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68266.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/34ab4c75588c07cca12884f2bf6b0347c7a13872
- https://git.kernel.org/stable/c/77899444d46162aeb65f229590c26ba266864223
- https://git.kernel.org/stable/c/8f73336b75bd3457b6f9410f2a0601a238f32238
- https://git.kernel.org/stable/c/a8cb796e7e2cb7971311ba236922f5e7e1be77e6
- https://git.kernel.org/stable/c/a9f626396bfe66f49b743601e862767928237cc0
- https://git.kernel.org/stable/c/aeccd6743ee4fdd1ab8cfcbb5b9a20b613418f6d
- https://git.kernel.org/stable/c/d0c5ec1f57d8fbb953f166a27d9d32473dc8f3e4
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68266.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-68266
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixedd0c5ec1f57d8fbb953f166a27d9d32473dc8f3e4Fixedaeccd6743ee4fdd1ab8cfcbb5b9a20b613418f6dFixed8f73336b75bd3457b6f9410f2a0601a238f32238Fixeda9f626396bfe66f49b743601e862767928237cc0Fixed77899444d46162aeb65f229590c26ba266864223Fixeda8cb796e7e2cb7971311ba236922f5e7e1be77e6Fixed34ab4c75588c07cca12884f2bf6b0347c7a13872
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.12Fixed5.10.248
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.198
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.160
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.120
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.62
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.17.12