CVE-2025-68767
Published: Jan 13, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that S_IFMT bits of inode->i_mode can become bogus when the S_IFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to [1], the permissions field was treated as reserved in Mac OS 8 and 9. According to [2], the reserved field was explicitly initialized with 0, and that field must remain 0 as long as reserved. Therefore, when the "mode" field is not 0 (i.e. no longer reserved), the file must be S_IFDIR if dir == 1, and the file must be one of S_IFREG/S_IFLNK/S_IFCHR/ S_IFBLK/S_IFIFO/S_IFSOCK if dir == 0.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 6f768724aabd5b321c5b8f15acdca11e4781cf32affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < d92333c7a35856e419500e7eed72dac1afa404a5affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 001f44982587ad462b3002ee40c75e8df67d597daffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 05ec9af3cc430683c97f76027e1c55ac6fd25c59affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < edfb2e602b5ba5ca6bf31cbac20b366efb72b156+2 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.248 - <= 5.10.*unaffected 5.15.198 - <= 5.15.*unaffected 6.1.160 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now