CVE-2025-68266
Published: Dec 16, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that S_IFMT bits of inode->i_mode can become bogus when the S_IFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes" field loaded from disk are corrupted. A documentation says that BFS uses only lower 9 bits of the "mode" field. But I can't find an explicit explanation that the unused upper 23 bits (especially, the S_IFMT bits) are initialized with 0. Therefore, ignore the S_IFMT bits of the "mode" field loaded from disk. Also, verify that the value of the "attributes" field loaded from disk is either BFS_VREG or BFS_VDIR (because BFS supports only regular files and the root directory).
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < d0c5ec1f57d8fbb953f166a27d9d32473dc8f3e4affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < aeccd6743ee4fdd1ab8cfcbb5b9a20b613418f6daffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 8f73336b75bd3457b6f9410f2a0601a238f32238affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < a9f626396bfe66f49b743601e862767928237cc0affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 77899444d46162aeb65f229590c26ba266864223+2 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.248 - <= 5.10.*unaffected 5.15.198 - <= 5.15.*unaffected 6.1.160 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now