CVE-2025-68185
Published: Dec 16, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy to attack. Anyway, it's easy to deal with - since xdr_encode_hyper() is just a call of put_unaligned_be64(), we can put that under ->d_lock and be done with that.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 6025f641a0e30afdc5aa62017397b1860ad9f677affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < e6cafe71eb3b5579b245ba1bd528a181e77f3df1affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < fa4daf7d11e45b72aad5d943a7ab991f869fff79affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 504b3fb9948a9e96ebbabdee0d33966a8bab15cbaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < eacfd08b26a062f1095b18719715bc82ad35312e+3 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.4.302 - <= 5.4.*unaffected 5.10.247 - <= 5.10.*unaffected 5.15.197 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now