CVE-2025-68803

Source
https://cve.org/CVERecord?id=CVE-2025-68803
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68803.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68803
Downstream
Related
Published
2026-01-13T15:29:11.732Z
Modified
2026-07-09T18:30:55.895155993Z
Summary
NFSD: NFSv4 file creation neglects setting ACL
Details

In the Linux kernel, the following vulnerability has been resolved:

NFSD: NFSv4 file creation neglects setting ACL

An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL (based on the mode bits) and not the ACL that was requested during file creation. This violates RFC 8881 section 6.4.1.3: "the ACL attribute is set as given".

The issue occurs in nfsdcreatesetattr(), which calls nfsdattrsvalid() to determine whether to call nfsdsetattr(). However, nfsdattrsvalid() checks only for iattr changes and security labels, but not POSIX ACLs. When only an ACL is present, the function returns false, nfsdsetattr() is skipped, and the POSIX ACL is never applied to the inode.

Subsequently, when the client retrieves the ACL, the server finds no POSIX ACL on the inode and returns one generated from the file's mode bits rather than returning the originally-specified ACL.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68803.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c5409ce523af40d5c3019717bc5b4f72038d48be
Fixed
c182e1e0b7640f6bcc0c5ca8d473f7c57199ea3d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d52acd23a327cada5fb597591267cfc09f08bb1d
Fixed
75f91534f9acdfef77f8fa094313b7806f801725
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c0cbe70742f4a70893cd6e5f6b10b6e89b6db95b
Fixed
60dbdef2ebc2317266a385e4debdb1bb0e57afe1
Fixed
381261f24f4e4b41521c0e5ef5cc0b9a786a9862
Fixed
bf4e671c651534a307ab2fabba4926116beef8c3
Fixed
214b396480061cbc8b16f2c518b2add7fbfa5192
Fixed
913f7cf77bf14c13cfea70e89bcb6d0b22239562
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5.10.220
Fixed
5.10.248
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5.15.154
Fixed
5.15.198

Affected versions

v5.*
v5.10.220
v5.10.221
v5.10.222
v5.10.223
v5.10.224
v5.10.225
v5.10.226
v5.10.227
v5.10.228
v5.10.229
v5.10.230
v5.10.231
v5.10.232
v5.10.233
v5.10.234
v5.10.235
v5.10.236
v5.10.237
v5.10.238
v5.10.239
v5.10.240
v5.10.241
v5.10.242
v5.10.243
v5.10.244
v5.10.245
v5.10.246
v5.10.247
v5.15.154
v5.15.155
v5.15.156
v5.15.157
v5.15.158
v5.15.159
v5.15.160
v5.15.161
v5.15.162
v5.15.163
v5.15.164
v5.15.165
v5.15.166
v5.15.167
v5.15.168
v5.15.169
v5.15.170
v5.15.171
v5.15.172
v5.15.173
v5.15.174
v5.15.175
v5.15.176
v5.15.177
v5.15.178
v5.15.179
v5.15.180
v5.15.181
v5.15.182
v5.15.183
v5.15.184
v5.15.185
v5.15.186
v5.15.187
v5.15.188
v5.15.189
v5.15.190
v5.15.191
v5.15.192
v5.15.193
v5.15.194
v5.15.195
v5.15.196
v5.15.197

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68803.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.248
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.198
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.160
Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
6.6.121
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.12.64
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.18.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68803.json"