| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025121632-CVE-2025-68242-45e0@gregkh> Date: Tue, 16 Dec 2025 15:21:34 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-68242: NFS: Fix LTP test failures when timestamps are delegated From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The problem can be reproduced as follow: # echo "/media *(rw,no_root_squash,sync)" >> /etc/exports # export -ra # mount -o rw,nfsvers=4.2 127.0.0.1:/media /tmpdir # cd /opt/ltp # ./runltp -d /tmpdir -s utimes01 # ./runltp -d /tmpdir -s utime06 This issue occurs because nfs_setattr does not verify the inode's UID against the caller's fsuid when delegated timestamps are permitted for the inode. This patch adds the UID check and if it does not match then the request is sent to the server for permission checking. The Linux kernel CVE team has assigned CVE-2025-68242 to this issue. Affected and fixed versions =========================== Issue introduced in 6.11 with commit e12912d94137ab36ee704a91f465ff15c8b423da and fixed in 6.12.59 with commit b2e4cda71ed062c87573b016d2d956a62f4258ed Issue introduced in 6.11 with commit e12912d94137ab36ee704a91f465ff15c8b423da and fixed in 6.17.9 with commit 0e9be902041c6b9f0ed4b72764187eed1067a42f Issue introduced in 6.11 with commit e12912d94137ab36ee704a91f465ff15c8b423da and fixed in 6.18 with commit b623390045a81fc559decb9bfeb79319721d3dfb Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-68242 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/nfs/inode.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/b2e4cda71ed062c87573b016d2d956a62f4258ed https://git.kernel.org/stable/c/0e9be902041c6b9f0ed4b72764187eed1067a42f https://git.kernel.org/stable/c/b623390045a81fc559decb9bfeb79319721d3dfb
Powered by blists - more mailing lists